Quick viewing(Text Mode)

Best Practices in Risk Management for Securitized Products

Best Practices in Risk Management for Securitized Products

≈√

Guidelines on Management

Best Practices in for Securitized Products

These guidelines were prepared by the Oesterreichische Nationalbank (OeNB) in cooperation with the Financial Authority (FMA) Published by: Oesterreichische Nationalbank (OeNB) Otto Wagner Platz 3, 1090 Vienna, Austria Austrian Authority (FMA) Praterstrasse 23, 1020 Vienna, Austria

Produced by: Oesterreichische Nationalbank

Editor in chief: Gu‹nther Thonabauer, Secretariat of the Governing Board and Public Relations (OeNB) Barbara No‹sslinger, Staff Department for Executive Board Affairs and Public Relations (FMA)

Editorial processing: Luise Breinlinger, Yi-Der Kuo, Alexander Tscherteu, Florian Weidenholzer (all OeNB) Thomas Hudetz, Werner Lanzrath (all FMA)

Design: Peter Buchegger, Secretariat of the Governing Board and Public Relations (OeNB)

Typesetting, printing, and production: OeNB Printing Office

Published and produced at: Otto Wagner Platz 3, 1090 Vienna, Austria

Inquiries: Oesterreichische Nationalbank Secretariat of the Governing Board and Public Relations Otto Wagner Platz 3, 1090 Vienna, Austria Postal address: PO Box 61, 1011 Vienna, Austria Phone: (+43-1) 40 420-6666 Fax: (+43-1) 404 20-6696

Orders: Oesterreichische Nationalbank Documentation Management and Communication Systems Otto Wagner Platz 3, 1090 Vienna, Austria Postal address: PO Box 61, 1011 Vienna, Austria Phone: (+43-1) 404 20-2345 Fax: (+43-1) 404 20-2398

Internet: http://www.oenb.at http://www.fma.gv.at

Paper: Salzer Demeter, 100% woodpulp paper, bleached without chlorine, acid-free, without optical whiteners

DVR 0031577

Vienna, 2004 Preface

The ongoing development of contemporary risk management methods and the increased use of innovative financial products such as and credit derivatives have brought about substantial changes in the business environment faced by credit institutions today. Especially in the field of lending, these changes and innovations are now forcing to adapt their in-house software systems and the relevant business processes to meet these new requirements.

The Guidelines on Management are intended to assist practitioners in redesigning a s systems and processes in the course of implementing the Basel II framework.

Throughout 2004 and 2005, guidelines will appear on the subjects of securi- tization, rating and validation, credit approval processes and management, as well as credit risk mitigation techniques. The content of these guidelines is based on current international developments in the banking field and is meant to provide readers with best practices which banks would be well advised to implement regardless of the emergence of new regulatory capital requirements.

The purpose of these publications is to develop mutual understanding between regulatory authorities and banks with regard to the upcoming changes in banking. In this context, the Oesterreichische Nationalbank (OeNB), Austrias , and the Austrian Financial Market Authority (FMA) see themselves as partners to Austrias credit industry.

It is our sincere hope that the Guidelines on Credit Risk Management pro- vide interesting reading as well as a basis for effective discussions of the current changes in Austrian banking.

Vienna, December 2004

Univ.Doz. Mag.Dr. Josef Christl Dr. Kurt Pribil, Member of the Governing Board Dr. Heinrich Traumu‹ller of the Oesterreichische Nationalbank FMA Executive Board

3 Contents

0 Introduction 7

1 Fundamentals 8 1.1 Motivation and Delineation 8 1.1.1 Motives behind Securitization 9 1.1.2 Delineation of Securitization Transactions 9 1.2 Common Structures 10 1.2.1 Ways of Assuming Risk 11 1.2.2 Basic Types of Securitization Transaction 12 1.3 Current Developments 16 1.3.1 New Securitization Structures 16 1.3.2 The Austrian Securitization Market 18

2 20 2.1 Essential Types of Risk 20 2.2 Credit Risks 21 2.2.1 Origins of Credit Risk 21 2.2.2 Limitation 22 2.2.3 Distribution 23 2.3 Structural Risks 24 2.3.1 Market Risks 24 2.3.2 Liquidity Risks 24 2.3.3 Operational Risks 26 2.4 Legal Risks 27 2.4.1 General Treatment 27 2.4.2 Enforceability of Claims 29 2.4.3 Availability of Information 31 2.5 Relevance of Risks to the Parties Involved 32 2.5.1 Incomplete Transfer of Risk from the Originator 32 2.5.2 General Risks Assumed by the Investor 33

3 Risk Measurement 33 3.1 Defining and Quantifying Risk 34 3.2 Approaches to Quantifying Credit Risk 35 3.2.1 Origin of Credit Risk 35 3.2.2 Limitation and Distribution 36 3.3 Quantification Approaches for Structural Risks 38 3.3.1 Market Risks 38 3.3.2 Liquidity Risks 38 3.3.3 Operational Risks 39 3.4 Quantification Approaches for Legal Risks 39 3.4.1 General Treatment 39 3.4.2 Enforceability of Claims 40

4 External Ratings 40 4.1 Function of External Ratings 41 4.2 Initial Rating 42 4.2.1 Preliminary Stage 42

4 Contents

4.2.2 Quantitative Analysis 42 4.2.3 Qualitative Analysis 45 4.2.4 Rating Determination and Completion Stage 46 4.3 Ongoing Monitoring of Ratings 46 4.4 Data Requirements Specific to Types of Receivables 47 4.5 Conclusions 48 4.5.1 Securitization Transaction Ratings vs. Corporate Ratings 48 4.5.2 Using External Ratings in the Banks Internal Risk Management 49

5 Risk Management 50 5.1 Meeting Basic Prerequisites 51 5.1.1 Basic Prerequisites for the Originator 51 5.1.2 Basic Prerequisites for the Investor 55 5.2 Execution Stage 56 5.2.1 Structuring Stage for the Originator 57 5.2.2 Specific Investment Decisions for Investors 58 5.3 Ongoing Monitoring and Reporting 58 5.3.1 Risk Controlling 59 5.3.2 Reporting 60 5.3.3 Special Issues for the Originator 60

6 Appendix A: Glossary 63

7 Appendix B: Regulatory Discussion 72

5

Best Practices in Risk Management for Securitized Products

0 Introduction This guideline deals with best practices in risk management for securitization transactions and concentrates on two primary objectives: First, it is intended to give a fundamental overview of securitization for readers who have had little or no exposure to the subject. Second, this publication is intended to provide more experienced readers with practically relevant information and guidance for the proper design of risk management mechanisms in securitization.

In light of these objectives, this guideline should not be seen as a compre- hensive reference work on securitization structuring, nor as a collection of mathematical methods for risk quantification. Instead, the guideline first pres- ents an overview of the risks associated with securitization. On the basis of these risks, we then elaborate on the resulting practical challenges for risk manage- ment for securitized products. The guideline also describes those approaches to meeting such challenges which have proven reliable in the eyes of experi- enced market participants. Unless explicitly indicated otherwise, the ideas pre- sented in this publication apply to originators as well as investors.

Chapter 1 covers the fundamentals of securitization. In that chapter, we point out that securitization transactions are not only to be regarded as a source of risk, but that banks can also use them to control and manage credit risk. In these transactions, banks can assume risk by means of a large number of func- tions and instruments. Given the high complexity and innovative power of securitization markets, effective risk management in this field makes high demands with regard to know-how and flexibility.

Chapter 2 gives a description of the key risks specifically associated with securitization. The primary conclusion reached in this context is that the risk structure of securitization transactions goes far beyond the credit risk involved in conventional lending business and thus has to be treated separately in risk management. For cost reasons, it may be difficult for a single bank to provide all the expertise necessary to assess all of the complex structural and legal risks involved in securitization transactions. In risk management, these transactions therefore call for stronger emphasis on the coordination and monitoring of all parties involved as well as consultation with external experts.

Chapter 3 examines approaches to quantifying the risks involved in securi- tization positions. The prevalent credit portfolio models provide a basis for the quantification of credit risks in , but this basis is not sufficient to cover the specific quantitative distribution of credit risks among the parties involved in these transactions. Approaches to the integrated quantification of credit risks, structural risks and legal risks are applied in the process of cash flow modeling. However, these approaches require a great deal of effort and have only been able to quantify a small number of structural and legal risks up to now. Therefore, risk management for securitization transactions cannot focus on a single quantitative method alone but should always use multiple quantita- tive and qualitative approaches.

7 Best Practices in Risk Management for Securitized Products

Chapter 4 explains how securitization deals are rated by external rating agencies. For a banks in-house securitization risk management, the conclusion reached here is that external ratings can only be used to replace in-house risk quantification to a limited extent. Due to the considerable effort involved in risk quantification, however, the use of external ratings does have advantages in terms of costs and can therefore be considered as an alternative for individual securitization transactions.

Chapter 5 discusses how the securitization-specific risks identified in the preceding chapters can be addressed in risk management. It is only possible to optimize securitization risk management when certain prerequisites are met by the originator and investor prior to each transaction. A majority of securitization-specific risks can be minimized by designing a transparent and comprehensive structuring process. The ongoing monitoring of securitization positions will then require the originator and investors to adapt their usual credit risk management activities only to a minor extent in order to accommo- date securitization-specific risks.

This guideline concludes by explaining a number of essential securitization- related terms in a glossary (Appendix A) and by giving a brief overview of cur- rent discussions on the regulatory treatment of securitization (Appendix B).

Finally, we would like to point out that this guideline is only intended to be descriptive and informative in nature. It cannot (and is not meant to) make any statements on the regulatory requirements imposed on credit institutions deal- ing with securitization positions, nor is it meant to pass judgment on the activ- ities of the competent authorities. Although this document has been prepared with the utmost care, the publishers cannot assume any responsibility or liability for its content.

1Fundamentals This chapter gives a brief introduction to the field of securitization, thus pro- viding a basis for the description of best practices for securitization risk manage- ment in the later chapters. Section 1.1 discusses the motives behind securitiza- tion, as well as defining this type of capital market instrument and delineating it from other instruments from a risk management perspective. Based on the gen- eral structure of a securitization transaction, section 1.2 presents the essential functions assumed and instruments deployed by banks to take on risk in securi- tization transactions. Furthermore, it gives an overview of the most common securitization structures. Section 1.3 concludes the chapter with a description of recent innovations in securitization structures as well as current develop- ments on the Austrian securitization market.

1.1 Motivation and Delineation Securitization products are structured capital market instruments. Due to the complex structure of risk distribution in securitization transactions and their unique character compared to other capital market instruments, they must

8 Best Practices in Risk Management for Securitized Products

be regarded as a separate instrument in risk management. The essential reasons why banks make use of securitization are discussed in detail below.

1.1.1 Motives behind Securitization In a securitization transaction, the credit risks associated with a defined pool of receivables (i.e. assets) are isolated from the originator of the receivables, then structured and passed on to one or more investors in the form of at least two different risk positions. In addition to transferring risk, financed structures can also create an inflow of liquid funds corresponding to the value of the pool of receivables for the originator. Banks have five essential motives for securitizing assets: — Risk diversification: By transferring risk in a securitization transaction, a bank can restructure its credit portfolio — thus improving its risk/return profile — and deliberately pass on risks or take on new ones. This might be useful, for example, in cases where a banks credit portfolio accumulates considerable concentration risks due to its regional sales strength. Securitization deals are thus not only a source of risk, they can also be used in risk management with the specific aim of controlling risk. — Access to liquidity: Funded structures provide the securitizing bank with additional funds by means of on the capital market. By isolating the pool of receivables and refinancing it separately, the bank might also be able to obtain more favorable terms than in the case of on-balance-sheet refinancing. This is especially attractive to banks whose ratings would only allow less favorable refinancing terms on the capital or interbank market. — Reduction of capital requirements: By transferring credit risks to third parties, banks can reduce their regulatory and requirements. Therefore, securitization provides a means of reducing tied-up capital, thus making it available for new business opportunities. — Product range enhancement: In addition to bank claims, other receivables — such as corporate accounts — can also be securitized. This gives companies an alternative source of capital market financing instead of financing by means of conventional bank loans. Banks frequently offer securitization products to their corporate clients in addition to such loans. — Investment opportunities: Banks also invest in the bonds issued in securitiza- tion transactions, as these bonds frequently offer attractive yields.

These motives are likely to gain importance in the eyes of the banks due to the harmonization and internationalization of markets, which might in turn lead to the increased use of securitization. The need to pay increased attention to securitization in risk management also stems from its unique structural charac- teristics compared to other capital market instruments.

1.1.2 Delineation of Securitization Transactions For all of the parties involved, securitization risk management presents a num- ber of special challenges resulting from the characteristics of securitization. In this guideline, securitization transactions are delineated on the basis of three central structural features:

9 Best Practices in Risk Management for Securitized Products

— The basis of a securitization transaction is a defined pool of receivables. There- fore, risk management not only has to take into account the risk involved in individual claims, it also has to consider pooling effects (e.g. volume and diversification effects). The pool can contain a wide variety of receivables, and the risks involved can differ significantly from those of conventional loans, thus requiring particular caution in assessment (e.g. trade receivables, receivables from licensing). — In a securitization transaction, the defined pool of receivables is isolated from the credit originators , and the risks in the pool are trans- ferred to third parties and in some cases refinanced separately. Therefore, the complete isolation of the pool of receivables as well as the wide variety of instruments used for risk transfer and refinancing deserve special atten- tion in securitization risk management. — The risk transfer and any refinancing in a securitization transaction are struc- tured, that is, at least two positions (tranches) which are assigned different levels of priority are created in the distribution of risks and cash flows. Identifying the risks contained in the individual tranches requires a careful analysis of this (usually complex) structuring mechanism.

On the basis of these three structural characteristics, securitization trans- actions can be differentiated clearly from other capital market instruments as follows: — The direct sale or -based hedging of individual loans involves refi- nancing and/or a transfer of risk, but not a defined pool of receivables. — No structuring is performed in the direct sale or derivative-based hedging of a pool of receivables. Furthermore, the reference portfolio used in derivative- based hedging does not necessarily have to match the defined pool of receiv- ables; it can contain defined positions not held by the originator (e.g. in the case of a basket credit ). — In the case of Pfandbrief mortgage bonds, the pool of receivables is not com- pletely isolated from the credit rating of the credit originator, nor is the pool structured. — The subordinated status of a conventional only causes a payment disrup- tion if the issuer goes bankrupt; this does not constitute structuring as defined above. In contrast to a subordinated bond, a junior securitization tranche will already be endangered by defaults in the pool of receivables well before an issuer becomes bankrupt.

Securitization products are thus innovative and clearly differentiated capital market instruments which have to be treated separately in risk management.

1.2 Common Structures This guideline is primarily intended for banks. For this reason, special attention is paid to the functions a bank can assume in the course of a securitization trans- action. Along with the instruments employed in the most common securitiza- tion structures, these functions determine the type and extent of the risk posi- tions assumed by the bank.

10 Best Practices in Risk Management for Securitized Products

1.2.1 Ways of Assuming Risk Securitization risk management must cover all of the risk positions a bank takes on in the course of a transaction. These risk positions arise from the various functions the bank assumes as well as the instruments employed in a transaction. The most common functions and instruments are presented below along the lines of the basic structure of a securitization transaction (cf. Chart 1). Chart 1

The main parties involved in a securitization transaction are the originator, the investor, and the servicer. These parties are related by means of a special-pur- pose vehicle or SPV (cf. Chart 1). In the course of its business activities, the orig- inator generates assets in the form of receivables (such as those arising from credit agreements) from debtors (obligors). A defined pool of receivables is then transferred to the special-purpose vehicle established specifically for this pur- pose. In turn, the special-purpose vehicle structures the risks and payments involved in the transaction, after which it passes them on to the investors. The servicer is commissioned by the special-purpose vehicle to handle the ongo- ing management and collection of those receivables.

In addition, a large number of other parties also cooperate in securitization transactions. The securitization deal is structured by the arranger, who usually also evaluates the pool of receivables. In the structuring process, some of the risks are transferred to credit enhancers (i.e. providers of credit risk mitigation). The special-purpose vehicle is founded by the sponsor, which may be the same organization as the originator or trustee. The trustee monitors the proper exe- cution of the transaction as well as the business activities of the special-purpose vehicle and servicer on behalf of the investors. The trustee might also act as the paying agency between the servicer and the investors. If the special-purpose vehicle transfers risk by way of the capital market, the credit quality of tranches has to be assessed by rating agencies, and tranches are placed on the market by an

11 Best Practices in Risk Management for Securitized Products

underwriting syndicate. In general, banks can assume all of the functions except for those of the rating agency. Depending on the duties they assume, banks take on risks by means of various instruments.

Among the instruments used to assume risk, it is first necessary to differ- entiate between credit derivatives and traditional securitization instruments. Credit derivatives can be subdivided into credit default swaps (CDSs) and credit-linked notes (CLNs). In contrast to CDSs, CLNs provide funding for the issuer. Credit derivatives can be used to transfer risk both from the origi- nator to the special-purpose vehicle and from the special-purpose vehicle to the investors. In traditional securitization, ownership as well as the risks are transferred from the originator to the special-purpose vehicle through the sale of receivables. In a traditional securitization environment, the special-purpose vehicle will pass the risks on to the investors by issuing bonds which are collat- eralized by the receivables and called asset-backed securities (ABS). Both of these steps provide funding for the respective seller. To a limited extent, risk is also transferred using other risk mitigation instruments or credit enhancements, which include credit , guarantees, letters of credit, or liquidity facilities to bridge -term payment disruptions. Credit enhancements are distinguished from credit derivatives and asset-backed securities by the nature of the instru- ments used as well as the fact that they are granted by credit enhancers and not sold to investors. The most subordinated risk position is usually referred to as the first-loss piece (FLP), as it has to absorb the first losses incurred in the pool of receivables.

The general structure presented here can be found in almost all forms of securitization transactions; however, specific structural characteristics may well be arranged differently in individual cases. In order to ensure comprehensive risk management, practitioners will require a more detailed understanding of common securitization structures. These structures are presented in the next section.

1.2.2 Basic Types of Securitization Transaction The basic types of securitization transaction are differentiated by the type of underlying assets, the means of transferring risk and the structure of the trans- action.

In principle, any receivables can be securitized, but usually receivables with stable and foreseeable future payment streams are selected for economic rea- sons. When differentiated by the type of underlying receivables, securitization transactions can be broken down into mortgage-backed securities (MBSs), col- lateralized obligations (CDOs) and asset-backed securities (ABSs) in the narrower sense (see Table 1).

12 Best Practices in Risk Management for Securitized Products

Table 1 Securitization Types by Underlying Assets (ABS, broadly defined)

MBS CDO ABS (strictly defined)

RMBS: Residential CLO: Collateralized loan receivables mortgage-backed securities obligations Leasing receivables CMBS: Commercial CBO: Collateralized bond Trade receivables mortgage-backed securities obligations Consumer loans

Receivables in MBSs are secured by land or real estate. In CDOs, loans and similar products (e.g. bonds) are securitized, and the debtors are mainly corpo- rate clients. The narrow definition of ABSs includes all securitization transac- tions not categorized as MBSs or CDOs. The most frequently used types of receivables are credit card debt, leasing receivables, trade receivables and con- sumer loans. In addition, the underlying receivables can be categorized by their origins (primary or secondary market) and debtors (banks, corporate clients, public-sector entities). It is necessary to differentiate types of receivables in risk management because valuating a pool of receivables backed by real assets, for example, will require different parameters from those used to assess a pool of credit card receivables.

ABSs are also often based on revolving receivables. Receivables are referred to as revolving when debtors are allowed to vary the amounts borrowed and repaid within agreed limits (e.g. in the case of credit card debt and corporate lines of credit). This poses an additional challenge in securitization: The precise amounts of the debt as well as the associated and principal payments can fluctuate heavily and can only be forecast to a limited extent. This has to be taken into consideration accordingly in risk management.

When it comes to the means of transferring risk, a fundamental distinction is made between synthetic securitization and true-sale structures (cf. Chart 2). The latter type of transaction is also referred to as a traditional securitization transaction in Basel II terminology. In the case of synthetic securitization, the originator retains ownership of the receivables, and only the credit risks arising from them are transferred to the special-purpose vehicle (by means of deriva- tives). In a true-sale structure, ownership of the receivables — including the credit risk — passes to the special-purpose vehicle and the originator receives the corresponding amount of financial funds.

13 Best Practices in Risk Management for Securitized Products

Chart 2

Synthetic securitization transactions only provide funding for the originator under certain circumstances. In general, a distinction is to be made between flows of funds to the special-purpose vehicle and the financing effects for the originator in synthetic securitization deals. In order to achieve these financing effects, the special-purpose vehicle can issue CLNs or ABSs (in this case on a synthetic underlying). For its part, the originator can issue CLNs to the special-purpose vehicle in order to receive financial funds in return. Otherwise, the special-purpose vehicle should invest the funds in top-rated instruments. Under the latter arrangement, it follows that funds would only be transferred to the originator if it issued such highly rated instruments that the special- purpose vehicle could reinvest in them. In the case of synthetic securitization, it is possible to avoid setting up a special-purpose vehicle altogether if the originator has such a high rating that it can also issue CLNs on its own balance sheet.

Compared to synthetic securitization, therefore, a true-sale structure gen- erally offers the advantages of the greatest possible financing effect as well as balance sheet improvement for the originator. From the risk management perspective, however, true-sale structures pose a special challenge because the transfer of ownership of the receivables and the associated to the special-purpose vehicle has to be secured under civil law and law. While the International Swaps and Derivatives Association (ISDA) provides standardized contracts which can be used for synthetic structures, true-sale structures usually have to be documented on an individual basis.

When risk is transferred from the special-purpose vehicle to the investors in the form of asset-backed securities (ABSs) secured by receivables, a general distinction is made between long-running term transactions and asset-backed programs (ABCPs).

The ABSs issued in term transactions generally have maturities of at least two years. Rating agencies assign term transactions long-term issue ratings, that

14 Best Practices in Risk Management for Securitized Products

is, usually a pool of receivables which is fixed for the defined term of the securi- tization is evaluated and individual securitization tranches are rated on the basis of that evaluation. The securitization transactions rating is thus largely inde- pendent of the originators own rating.

In ABCP programs, short-term, unsecured receivables (e.g. corporate receivables) are purchased by a special-purpose vehicle referred to as the con- duit. The conduit refinances the receivables purchased by issuing commercial paper (CP), which generally has a term of 30 to a maximum of 360 days. Repay- ments from the pool of receivables are used to purchase new receivables, and outstanding commercial paper is redeemed at maturity by issuing new commer- cial paper. Therefore, ABCP programs do not have predefined maturities. Rat- ing agencies give these programs short-term program ratings which reflect the ability of the program to service the commercial paper completely and in a timely manner. These ratings are largely independent of the credit quality of the underlying pool of receivables. Liquidity is typically ensured in ABCP pro- grams by liquidity facilities provided by the sponsor. By granting a loan to the conduit until the first commercial paper is issued, the sponsor also generally assumes the credit risks while the pool of receivables is being built up; this is known as the ramp-up or warehousing stage. The ABCP programs rating there- fore depends heavily on the sponsors rating. As is the case in term transactions, servicing is also usually handled by the originator in ABCP programs.

Rating agencies treat term transactions and ABCP programs in fundamen- tally different ways, which also clearly indicates that they have to be regarded as different transaction types in risk management.

As regards the structure of a securitization transaction, the most important differentiating characteristics are public versus private transactions as well as single versus multi-seller structures. Public transactions are offered to a broad base of investors and are therefore usually rated by external agencies. This rating is monitored over the term of the transaction. In contrast, private transactions are usually arranged specifically for individual investors and do not necessarily receive external ratings. As a result, the reduced amount of information avail- able makes risk management more difficult.

Single-seller structures are securitization transactions in which the underly- ing receivables are only generated by a single originator. As small banks and companies often cannot attain the critical mass required to launch a securitiza- tion project, they aggregate their pools of receivables into what we refer to as multi-seller structures. These structures are currently found almost exclusively in ABCP programs, but in principle they could also be implemented in term transactions. Due to differences in lending procedures among the originators involved, however, it is often difficult to compare and assess the risks in such pools, which means that these structures require special attention in risk man- agement.

15 Best Practices in Risk Management for Securitized Products

Securitization transactions can also be classified on the basis of other struc- tural characteristics, such as the type of risk mitigation instruments used or the mechanisms used to allocate payment streams to the structured risk positions (tranches). A description of various securitization forms and the resulting requirements for risk management is given in the presentation of credit risks in section 2.2.

1.3 Current Developments The final section of this chapter deals with a number of new securitization struc- tures which can be observed on international markets. Against this backdrop, we also discuss the securitization activities seen to date in Austria as well as potential future developments. This discussion indicates that best practices in securitization risk management have to be adapted quickly and flexibly to the changing structure of the securitization markets.

1.3.1 New Securitization Structures The new, innovative securitization structures discussed in this section include the securitization of public-sector receivables, delinquent loans and other types of receivables which have not been securitized in the past. In addition, this section discusses the growing tendency to combine synthetic securitization with true-sale structures as well as the use of securitization transactions and Pfandbrief mortgage bonds as mutual complements.

The securitization of public-sector receivables generally serves to relieve pub- lic budgets. Such transactions have already been carried out in Italy, Spain and the Netherlands, for example. In response to this development, EUROSTAT (the Statistical Office of the European Communities) has defined criteria which the securitization of public-sector receivables has to fulfill in order to be included in deficit calculations. The province of Lower Austria also securitized housing loans already in 2001.

In the securitization of delinquent loans, extremely risky receivables are deliberately placed in the pool in order to reduce risk and tied-up capital for the bank and to improve the risk/return profile of the portfolio of receivables. In individual cases, however, losses will also have to be realized due to the mar- ket-based of receivables. However, receivables in which payment streams are highly volatile and can only be predicted with difficulty can, in prin- ciple, also be securitized.

In recent years, we have also seen an increasing number of new types of receiv- ables in securitization transactions (i.e. those which have not been securitized in the past), for example receivables from license and patent fees, stadium reve- nues, and revenues from businesses such as pubs or funeral homes. These receivables are generally securitized in whole business securitizations (WBSs), in which all of the payment streams for a company (or part of a company) are assigned to the special-purpose vehicle. WBSs are generally carried out in con- nection with corporate takeovers and have remained a rather secondary market segment to date.

16 Best Practices in Risk Management for Securitized Products

All of the new and innovative securitization structures described up to this point have extended the usual range of receivables securitized. From a risk man- agement perspective, it is necessary to ensure that all of the additional risks involved in these structures, for example the increased risks in the pool of receivables when delinquent loans are securitized, are taken into consideration.

In the future, we can expect to see the increased convergence of synthetic securitization transactions and true-sale structures. Even today, credit-linked notes can be used to provide partial funding in synthetic securitization transactions. Furthermore, receivables do not necessarily have to be removed from the bal- ance sheet explicitly in a true-sale structure in order for reduced regulatory capital requirements to be recognized under Basel II.

In the future, Pfandbrief mortgage bonds and securitization are also likely to see increased use as mutual complements in the structure of transactions. Pfand- brief mortgage bonds are distinguished from securitization transactions by the following characteristics: — The receivables remain on the originators balance sheet, thus the originator is still forced to bear the corresponding credit risk. — In addition to the receivables used to secure the Pfandbrief, the issuing banks overall assets serve as liability assets for the investors. — There is no direct connection between the payments arising from the receiv- ables used as collateral and the payments disbursed to investors. — The composition of coverage capital can change over time. — Pfandbrief mortgage bonds can only be issued by banks which have been granted the legal right to do so.

In several European countries which do not have a law regarding this type of bond (e.g. England and Italy), a securitization structure very similar to Pfand- brief mortgage bonds is currently being developed. In these structures, defined receivables on the originators balance sheet are segregated for separate refi- nancing, with the revenue streams arising from those receivables being used to repay bonds issued for that specific purpose. On the other hand, in some European countries which do have laws regulating Pfandbrief mortgage bonds, separate securitization laws have been passed or are currently being discussed, which means that a separate legal framework is being set up for securitization (similar to the existing framework for Pfandbrief mortgage bonds).

Therefore, future best-practice risk management has to be designed in such a way that it can respond to potential changes in securitization structures quickly and comprehensively.

17 Best Practices in Risk Management for Securitized Products

1.3.2 The Austrian Securitization Market This section first gives an overview of the nature and scope of the current securitization market in Austria. We then discuss the structure of Austrian banks overall receivables as well as their general suitability for securitization. This step is included in order to identify potential future developments on the Austrian securitization market insofar as these tendencies are influenced by the structure of bank claims. Chart 3

Although it may not be exhaustive, Chart 3 gives a general overview of securitization transactions carried out in Austria to date.

Only few large-scale securitization transactions have been carried out by Austrian banks thus far. At the same time, the types of receivables securitized have covered a broad spectrum, including the securitization of loans to Austrian small and medium-sized enterprises (SMEs), receivables from leasing transac- tions and residential construction loans, as well as trade receivables. As regards the type of structure used, the majority of transactions were true-sale securiti- zation deals. One exception was the synthetic securitization PROMISE Austria 2002, which was carried out through KfWs fairly standardized program in Ger- many. Moreover, several transactions have taken place in the international sub- sidiaries of Austrian banks (e.g. Dolomiti Funding by Hypo Alpe Adria Bank in Italy). However, those transactions are not included as part of the Austrian mar- ket because they involved securitizing foreign receivables.

Chart 4, which depicts the structure of Austrian bank claims, shows that amounts receivable from other banks and from governments account for over 30% and 18% of total claims, respectively, which means that these two compo- nents are significant. Due to the regulatory capital requirements which have been in place up to now (and will remain applicable until new regulations go into effect) as well as the resulting preferential treatment of claims against banks

18 Best Practices in Risk Management for Securitized Products

and governments in OECD countries over other exposure categories, Austrian banks have had little incentive to securitize this prevalent type of claim in order to reduce regulatory capital requirements. In principle, however, claims against corporate clients (24%), against SMEs (16%), and against private individuals (8%) can be securitized and point to existing securitization potential on the Austrian market. Chart 4

Of the claims against non-banks, approximately 37% can be attributed to savings banks and 22% to Raiffeisen banks. The overall claims of these institu- tions are characterized by a large number of loans with a low average loan vol- ume. Joint banks (17%) and regional mortgage banks (RMB; 9%) could also provide additional impetus for the Austrian securitization market.

As for the investors side, it is worth noting that Austrias large banks predominantly invest in ABS and CDO positions. In general, they pursue a buy-and-hold strategy, thus the tranches are held in the banking book, which probably also reflects the lack of liquidity on the market for these financial instruments. Investors predominantly focus on positions with very high (invest- ment-grade) credit quality. Positions generally amount to several million euro. Moreover, banks have shown increasing interest in acting as arrangers for large- scale customers.

In addition to changes in regulatory capital requirements, the need to tap alternative sources of funding as well as the accompanying pressure on bank management to conform to international market practices will largely deter- mine the actual development of the Austrian securitization market. From todays standpoint, forecasting how the market will develop in the future is rather difficult; in particular, the future securitization activities of smaller banks are difficult to predict. It is very important to develop an understanding of the field of securitization at an early juncture in order to minimize risks if these

19 Best Practices in Risk Management for Securitized Products

instruments are employed later on. For this purpose, the later chapters of this guideline give a more detailed description of these risks and discuss best-prac- tice approaches to risk management.

2Risks This chapter focuses on identifying the various risks involved in securitization, especially those which are specific to this type of transaction. General banking risks are only discussed when they are especially relevant to securitization risk management. Section 2.1 defines and differentiates the following main risk types relevant to securitization: credit risk, structural risk and . Sec- tions 2.2, 2.3 and 2.4 discuss a selection of occurrences of these risk types in greater detail. In section 2.5, we discuss the varying relevance of each risk type to the parties involved in a securitization transaction. The information pre- sented in this chapter forms the basis for the risk quantification considerations discussed in chapter 3.

The risks involved in securitization are just as widely varied as the range of possible securitization structures, thus the explanations in this chapter cannot be considered exhaustive. However, the systematic approach presented here is also well suited for more detailed analyses of securitization risk.

2.1 Essential Types of Risk In risk management, banking transactions are generally assumed to be exposed to credit risks, market risks, liquidity risks, and operational risks. As banking transactions, securitization deals are obviously exposed to these risks as well.

Chart 5 depicts the structure of the securitization-specific risk types dis- cussed in this guideline. Specific forms of risk are assigned to risk types accord- ing to the focus of this document. Chart 5

20 Best Practices in Risk Management for Securitized Products

In this guideline, credit risk is defined as the risk of incomplete or delayed fulfillment of payment obligations. All payments which arise in a securitization transaction are subject to credit risk. Therefore, this risk can stem from debtors as well as the other parties involved in a transaction. As we will discuss in section 2.2, the structure of a securitization transaction serves to mitigate credit risks and distribute them among the investors.

This guideline only addresses those market risks, liquidity risks and opera- tional risks which specifically arise from the structure of a securitization trans- action. Therefore, these risks are clustered under the heading of structural risks in section 2.3.

In particular, the essential market risks involved in securitization are inter- est rate and exchange risks. These risks might arise in the case of differing interest payment arrangements, or when the currency in the underlying pool of receivables differs from that of the bonds issued. Securitization transactions are subject to in two respects: On the one hand, temporal mis- matches between incoming and outgoing payment flows have to be managed (balance-sheet liquidity risk); these mismatches are often caused by early repay- ment on the part of the debtors (prepayment risk). On the other hand, market- based liquidity risk can arise when bonds are issued on the primary market or traded on the secondary markets. The large number of parties involved in a securitization transaction brings about agency risk, a special form of opera- tional risk in which individual parties involved in the transaction (agents) may take advantage of discretionary freedom to the detriment of the investors (principals).

Securitization structures are complex and generally require extensive and detailed contractual agreements. Legal risks arise due to uncertainties in the general treatment of securitization transactions and in the enforcement of indi- vidual parties claims. In addition, special issues related to data protection and banking privacy also come up in connection with data availability. Section 2.4 gives a more detailed description of these forms of risk, with due attention to jurisdiction issues.

2.2 Credit Risks From a risk management perspective, the origins of credit risk are less impor- tant than its limitation and subsequent distribution among the investors. This section examines all three of these aspects in succession.

2.2.1 Origins of Credit Risk Credit risks are created by the individual debtors in the pool of receivables as well as the other parties involved in a transaction.

Individual debtors in the pool of receivables might fail to meet their contractual payment obligations in full or on time due to bankruptcy or for other reasons. Structuring and transferring these risks in the pool of receivables are often the main motives behind a securitization transaction. Therefore, credit risks in the

21 Best Practices in Risk Management for Securitized Products

pool are usually the focus of risk management activities in securitization trans- actions (e.g. when agencies determine ratings).

However, securitization transactions involve a large number of additional payment flows which are also subject to credit risk (cf. Chart 1), including the following: — Payments from the paying agency to the investors — Payments of fees from the special-purpose vehicle to the servicer — Payments passed on from the servicer to the paying agency — Payments from credit enhancers in connection with their credit enhance- ment obligations.

Each of these payment streams is subject to the risk of default by one of the other parties involved in the transaction. This additional credit risk also has to be addressed in risk management for securitization transactions; however, it is usu- ally far less significant than the total of individual credit risks in the pool of receivables.

2.2.2 Limitation The credit risks identified within a securitization transaction are first limited by means of various credit enhancements before being distributed among the invest- ors. Credit enhancements can be differentiated by their origins. Internal credit enhancements are generated within the pool of receivables, while external credit enhancements include all additional enhancements provided by credit enhancers.

With regard to credit enhancements within the pool of receivables, we can distinguish between overcollateralization, excess spread and repurchase agree- ments.

Overcollateralization means that the portfolio transferred to the special- purpose vehicle has a higher nominal value than that of the bonds issued to the investors. The additional interest and principal repayment income is then available to cover any occurring credit defaults. Payments not required for this purpose can be returned to the originator once the transaction has been com- pleted.

Excess spread refers to any funds left over once the claims of investors and other interested parties have been satisfied. This can be the case, for example, when interest payments to investors are exceeded by the total interest paid by individual debtors as a result of diversification effects. Excess spread is invested within the scope of the transaction and can be used to cover credit risks if nec- essary.

Repurchase agreements provide the originator with a specific means of limiting credit risks within the pool of receivables. In such an agreement, the originator undertakes to offset realized credit risks by repurchasing the relevant receivables at face value. Repurchase agreements are generally limited to only a certain part of the pool of receivables (e.g. the amount of the expected loss).

22 Best Practices in Risk Management for Securitized Products

Enhancements provided by credit enhancers usually include general guarantees (e.g. letters of credit or other guarantees), pledges (cash deposits, financial col- lateral, interest subparticipation) and credit insurance (financial guarantee insurance, pool insurance). These credit enhancements can also be contributed by the originator.

In a general guarantee, a credit enhancer undertakes to offset losses arising from credit risk up to a certain amount. In contrast to a repurchase agreement, a general guarantee usually does not allow receivables in the pool to be replaced at a later time.

Another credit enhancement is the pledge of cash deposits or other financial collateral to the special-purpose vehicle by means of guarantee agreements. These enhancements can be used to cover losses incurred when credit risks are realized. Such pledges usually involve only collateral with high ratings and high liquidity.

Credit insurance can also be used to mitigate credit risks, with a general dis- tinction being made between insurance for the overall value of the underlying pool of receivables (pool insurance) and insurance for a specific tranche (finan- cial guarantee insurance).

2.2.3 Distribution Credit risks are distributed among the parties involved by means of bonds in true-sale securitization structures and by means of credit derivatives (usually CDSs and CLNs) in synthetic structures. The distribution of credit risks using credit derivatives in securitization transactions does not differ from the isolated use of credit derivatives, thus it is not discussed further in this context.

The distribution of credit risks is based on the principle of subordination. Subordination involves forming at least two tranches of claims to payments from the pool of receivables, with the claims from the senior tranche taking prece- dence over the subordinated or junior tranche (cf. definition of a securitization transaction using structured risk positions). Should credit defaults occur, they will be offset first by the claims in the junior tranches. Credit risk is therefore reduced in the senior tranches, as they do not bear losses until the junior tranches have defaulted.

The position known as the first-loss piece, which bears the losses arising from the first payment defaults occurring in a securitization deal, is a specific type of subordinated tranche. The first-loss piece does not necessarily have to be a bond, it may also take the form of a credit enhancement mentioned above. In most cases, the first-loss piece is taken on by the originator and should be considered accordingly in the originators risk management activities.

The distribution of credit risks is not necessarily fixed over the term of a transaction; it may well be subject to fluctuations over time. When a clean- up call is agreed upon, for example, the originator is given the of

23 Best Practices in Risk Management for Securitized Products

repurchasing all outstanding tranches once a certain limit is reached prior to the scheduled end of the transaction. This option can be exercised for financial rea- sons and allows credit risks to be shifted back to the originator after the trans- action has been initiated, which is relevant to risk management activities.

2.3 Structural Risks Even in cases where debtors and other involved parties meet their payment obli- gations completely and in a timely manner, structural risks can still bring about payment disruptions in a securitization structure. The types of structural risk differentiated in this guideline include the market risks, liquidity risks and operational risks resulting specifically from the structure of a securitization transaction.

2.3.1 Market Risks The main market risks relevant to securitization are risks and exchange risks. One of the special-purpose vehicles sources of revenue is the contractually agreed interest payments to be made by the debtors. These can be based on either a fixed interest rate or a variable rate linked to a reference rate (i.e. the base rate). The same applies to the interest payments disbursed by the special-purpose vehicle to the investors. Four situations associated with spe- cific interest rate risks can be distinguished: 1. Interest income and expenses are based on a fixed interest rate: A change in reference rates would not pose a risk to the special-purpose vehicles pay- ment flows as long as refinancing matches in terms of maturity. In the case of a maturity mismatch, reinvestment risks may arise depending on the term structure of interest rates. 2. Interest income is based on a fixed rate, interest expenses on a variable rate: If the reference rate increases, there is a risk that the special-purpose vehi- cles income will not be sufficient to cover its expenses. 3. Interest income is based on a variable rate, interest expenses on a fixed rate: If the reference rate decreases, there is a risk that the special-purpose vehi- cles income will not be sufficient to cover its expenses. 4. Interest income and expenses are based on a variable rate: In case where interest income and expenses are linked to different reference rates, there is a risk that these rates will develop differently ().

Foreign exchange risk is comparable to the described under Item 4 above in cases where income and expenses are in different currencies and their relationship changes due to fluctuations in exchange rates.

The market risks described above can be hedged with common interest-rate and currency derivatives. As securitization transactions primarily focus on man- aging credit risks, special emphasis should be placed on hedging market risks.

2.3.2 Liquidity Risks As mentioned in the introduction to this chapter, it is necessary to distinguish between balance-sheet and market-related liquidity risks in a securitization trans- action.

24 Best Practices in Risk Management for Securitized Products

Balance-sheet liquidity risks arise when the special-purpose vehicle experien- ces a temporal mismatch between incoming and outgoing payments. These risks can largely be avoided if clear-cut schedules are established for incoming and outgoing payments over the term of the transaction and if these payments are effected on time. Liquidity risks can also arise due to payment delays caused by market and credit risks.

Incoming payments are subject to prepayment risk as well as credit and . Prepayment refers to a situation in which debtors exercise any existing rights to repay claims early. This early repayment reduces the spe- cial-purpose vehicles incoming interest payments, which may then be insuffi- cient to service the investors claims. Quantification approaches for prepayment risk are discussed in more detail in chapter 3.

The incoming payments in a securitization deal might also deviate from orig- inal forecasts due to changes in the composition of the pool of receivables. Depending on the specific structure of the transaction, common measures include the ex post substitution of receivables and the replenishment of the pool. The latter is a regular occurrence in pools of revolving debt and in asset-backed commercial paper programs.

In order to avoid balance-sheet liquidity risks, the payment structures in securitization transactions are usually equipped with various mechanisms which allow outgoing payments to be modeled on the basis of actual incoming pay- ments. Like credit risks, liquidity risks are thus limited before they are distrib- uted among the investors and other parties involved. At the same time, this also enables payment flows to be tailored to the specific needs of the investors.

A comprehensive presentation of these diverse and constantly developing mechanisms would go far beyond the scope of this document. However, a few common mechanisms are presented below: — Management of payment flows (pass-through, pay-through) — Arrangement of interest and repayment agreements (pro rata, sequential, targeted, planned, continuous, bullet) — Definition of early amortization criteria — Use of liquidity facilities.

In pass-through structures, interest and principal payments from the pool of receivables are passed on directly to the investors, thus subjecting them to pre- payment risk in particular. In a pay-through structure, the timing of payment flows is managed actively, thereby leading to substantial reductions in liquidity risk. Pay-through structures can be based on various forms of interest and prin- cipal repayment agreements. Under pro rata payment arrangements, incoming payments are distributed among the various tranches in the pool on a pro rata basis, while sequential payment involves servicing the senior tranches prior to the junior tranches. The course of amortization (i.e. repayment) over time can be dependent on the actual payment flows from the pool of receivables (tar- geted amortization), or independent of them within defined limits (planned

25 Best Practices in Risk Management for Securitized Products

amortization). The mode of repayment can involve continuous amortization or a bullet payment at maturity.

Another mechanism for avoiding liquidity risks from the investors perspec- tive is the use of early amortization criteria. In such mechanisms, the fulfillment of defined criteria — such as an increased prepayment rate or the termination of revolving debt — triggers the early amortization of the bonds issued to the investors in order to protect them from foreseeable risks. Early amortization criteria are not necessarily restricted to liquidity risks, they can also be used to account for credit and market risks.

Liquidity risk is especially high in the relatively short-term receivables (and likewise in the short-term refinancing) found in asset-backed commercial paper programs. For this reason, ABCP programs often use liquidity facilities to secure payments to commercial paper investors.

Market-based liquidity risks may arise, for example, when not all of the bonds issued can be placed on the primary market, thus causing liquidity shortages for the special-purpose vehicle issuing the bonds. This form of liquidity risk is also especially relevant in ABCP programs which have to market commercial paper issues at brief intervals. In order to this risk, liquidity facilities are used here to offset market disruptions. However, market-based liquidity risks also arise for investors in cases where they cannot liquidate their bonds at the desired price at any given time due to a lack of liquidity on the secondary markets. Such a situation would force investors to pursue a buy-and-hold strategy.

2.3.3 Operational Risks In the category of general operational risks, this guideline only addresses the securitization-specific agency risks which result from the numerous contractual relationships among the parties involved in a securitization transaction, in com- bination with the existing information asymmetries between the parties. As the principal, the special-purpose vehicle commissions the other parties involved (agents) without being able to monitor their actions directly. This leaves the agents a certain latitude for discretionary action which they could use to their own benefit and to the detriment of the special-purpose vehicle as well as the investors (moral ). This agency risk is exacerbated in cases where the agent has access to specific information (e.g. defaults which become known to the servicer) and withholds it from the principal. Examples of potential agency risks include the following: — Disregard for the criteria defined for selecting receivables on the part of the originator — Failure to report losses on the part of the servicer — Lack of motivation on the part of the servicer to collect receivables on time and as completely as possible, as the securitization is intentionally drawn on as insurance against losses — Insufficient monitoring of the transaction by the trustee or the violation of payout arrangements — Attempts to exercise influence on rating calculations and

26 Best Practices in Risk Management for Securitized Products

— Maximization of fee income by the arranger or the bank syndicate at the expense of the available payment flows.

The avoidance of agency risks is to be ensured in the structuring of the trans- action and in ongoing risk monitoring.

2.4 Legal Risks This guidelines presentation of legal risks is not intended to address specific legal regulations. Especially at present, the relevant legal and regulatory frame- works are in a state of transition, which means that such an approach would make it impossible to ensure that the guideline is up to date. Instead, this section discusses generally relevant risk considerations related to legal and regulatory issues. On this basis, the legal risks relevant to various securitization structures can be derived for a specific legal framework.

Even in the structuring stage of a securitization transaction, the originator has to resolve a number of legal issues in order to ensure the desired general legal treatment of the structure. These issues are mainly rooted in commercial law, supervisory law and tax law, with civil law and corporate law also playing a secondary role.

Should a debtor, originator or another party involved file for bankruptcy in the course of a securitization transaction, it is necessary to ensure the enforce- ability of claims for the other parties involved. In such cases, a variety of issues under corporate law and bankruptcy law (as well as closely related issues in civil law) will have to be resolved. From a risk management perspective, it is also important to resolve these issues in the very early stages of the transaction in order to increase awareness of potential later risks.

Moreover, additional legal issues need to be addressed in connection with banking privacy, data protection, as well as disclosure and auditing require- ments, as the high availability of information is essential in order to ensure mean- ingful and effective risk management.

In securitization transactions, it is necessary to examine all three areas of potential legal risks in light of the current legal and regulatory environment. In cross-border transactions, these requirements also have to be reviewed for all legal jurisdictions involved, which can require a great deal of additional effort in the structuring stage.

2.4.1 General Treatment In deciding to securitize assets, the originator aims to transfer risk and, in the case of a true-sale structure, ownership of the receivables to the special-purpose vehicle. This objective can only be attained with due attention to the relevant commercial, tax and supervisory regulations in each country.

Under commercial law, the removal of receivables from the balance sheet (i.e. derecognition) is often only recognized once the originator no longer bears

27 Best Practices in Risk Management for Securitized Products

any of the economic risks associated with the receivables. This means that even though ownership might have been transferred under civil law, the receivables may still be assigned the originator under commercial law and treated as a loan which is secured by the receivables and granted to the originator by the special- purpose vehicle (reclassification risk). In general, preliminary or excessively high discounts, repurchase agreements, the assumption of first-loss positions, and clean-up calls are considered detrimental to the complete transfer of eco- nomic risks if they leave the originator exposed to substantial risks of this type. For this reason, an originator making large investments in tranches of its own securitized receivables may also be subject to critical review. It is therefore advisable to resolve commercial law issues with the help of auditors and legal counsel at an early stage.

In addition to ensuring the legal derecognition of receivables on the balance sheet, it is also necessary to examine the circumstances under which the assets of the special-purpose vehicle have to be consolidated with those of the origi- nator under commercial law (consolidation risk). In such cases, the receivables and the accompanying risks could remain in the groups balance sheet even if the transfer of assets from the companys balance sheet is recognized. In cases of consolidation under commercial law, this could bring about a situation in which the reduction of regulatory capital requirements intended in a securitization deal is not (or only partially) attained, or the receivables might be considered part of the originators estate and not allocated directly to the investors if the originator files for bankruptcy (see also section 2.4.2).

From the regulatory perspective, securitization transactions can bring about a reduction of regulatory capital requirements if credit risks are transferred (cf. recognition risk). Credit risks partly retained or repurchased by the originator are to be taken into account in determining capital requirements under appli- cable regulations and may limit the desired effect of reducing capital require- ments. The regulatory treatment of a securitization deal can also differ from its treatment under commercial law. In cases of doubt, it is advisable to consult the competent authority regarding regulatory treatment of the transaction at an early stage. In chapter 6, the rules set forth for regulatory treatment under Basel II are covered in brief.

In the tax treatment of a securitization transaction, taxes on profits, value- added tax and other transaction taxes are of particular relevance. Taxation issues often become particularly complex in securitization transactions because the special-purpose vehicle is frequently established abroad. Therefore, it is first necessary to identify the countries in which the parties involved in the transac- tion are incorporated and which assets, , income, expenses, and services can be assigned to which places of business (allocation risk).

The revenues and expenses of the special-purpose vehicle are generally structured in such a way that it does not earn a profit and is therefore not subject to taxation. Should payment deferrals arise, however, this can cause periodic accrual and deferral problems which may bring about unexpected tax liabilities

28 Best Practices in Risk Management for Securitized Products

(accrual/deferral risk). When receivables are sold, the originator may also record paper profits or losses which might be subject to taxation.

As regards the treatment of the transaction under value-added tax regula- tions, it is necessary to define precisely which services are provided by the par- ties involved, whether they are generally subject to value-added tax, and how the assessment base is to be calculated (value-added tax risk). If the originator handles servicing for a fee, this compensation may be subject to value-added tax depending on the special-purpose vehicles place of incorporation. It is also important to consider whether the assumption of risks by the special-purpose vehicle is considered a service subject to value-added tax, which could create a value-added tax liability for the originator. Furthermore, it is advisable to take into account whether the originator and the special-purpose vehicle are entitled to an input tax deduction and whether the effective value-added tax burden can be reduced in this way.

In true-sale securitization structures, additional transaction taxes and fees may be required if the sale of receivables and the accompanying collateral is sub- ject to taxation. In Austria, for example, this applies to the transfer of mort- gages when residential construction loans are securitized.

The tax risks involved in securitization can be minimized by careful struc- turing and — wherever possible — by obtaining binding opinions from legal coun- sel and tax authorities at an early stage. Any remaining tax risks are generally easy to quantify in risk management.

2.4.2 Enforceability of Claims Bankruptcy on the part of the special-purpose vehicle or originator during a securitization transaction can bring about considerable risks with regard to the enforceability of the involved parties claims. As regards the special-purpose vehicle, appropriate measures should be taken to avoid bankruptcy as far as possible by means of contractual agreements and by selecting a suitable legal form of business organization (usually a trust or partnership). In the case of bankruptcy on the part of the originator, it is important to enable the special- purpose vehicle to collect receivables and collateral completely and in a timely manner with due attention to bankruptcy and civil law regulations.

In order to avoid bankruptcy on the part of the special-purpose vehicle, its business activities should be limited to the purchase and securitization of risks. No-petition agreements can be used to ensure that only the investors can file for bankruptcy on the part of the special-purpose vehicle, at least for a limited time period (e.g. the term of the transaction). Additional can be derived from no-recourse clauses, in which all of the special-purpose vehicles contract partners waive their right to sue for claims until after the transaction is com- pleted. Moreover, the special-purpose vehicle should also be isolated from the originator (e.g. with regard to consolidation requirements) in order to ren- der the SPVs assets bankruptcy-remote in the event of bankruptcy on the part of the originator. Despite comprehensive hedging with additional measures,

29 Best Practices in Risk Management for Securitized Products

there will still be a slight risk of bankruptcy on the part of the special-purpose vehicle (bankruptcy risk).

In practice, special-purpose vehicles are generally incorporated in third countries (e.g. the Channel Islands, Cayman Islands, etc.) or in another EU country (e.g. Ireland, Luxembourg, Netherlands). The most commonly cited reasons for incorporating special-purpose vehicles abroad are as follows: — Availability of bankruptcy-proof legal forms of business organizations, such as Anglo-Saxon trusts or partnerships — Low incorporation fees and ongoing administrative costs — Favorable tax treatment.

In securitization risk management, other jurisdictions (such as that of the special-purpose vehicle) might be relevant in addition to the jurisdiction to which the originator is subject. This is especially true when receivables gener- ated in various countries are securitized (e.g. a portfolio of internationally diver- sified commercial real estate receivables). In this context, the following issues typically arise with regard to conflicts of law: — Will the competent courts in the originators place of incorporation recog- nize the sale of receivables if the originator files for bankruptcy? — Which relevant regulations exist in the legal system of the country where the receivables were generated?

In the case of bankruptcy on the part of the originator, there is a danger that the receivables and collateral (or the payments arising from them) transferred to the special-purpose vehicle might be allocated to the originators bankruptcy estate (risk of repudiation). This can be the case regardless of whether such assets are consolidated with those of the originator or not. If the receivables and collateral are assigned to the originators bankruptcy estate, they will only be available to the special-purpose vehicle and investors in part or with a delay. This can result in payment disruptions for the special-purpose vehicle (realiza- tion risk).

The risk of repudiation arises from various legal regulations. First, civil law considerations and other reasons might render the assignment of receivables and collateral invalid, for example in cases where the debtor has agreed to a no-assignment clause or the receivables have already been assigned to another party. In the case of mortgage collateral, assignment is sometimes not con- sidered effective under civil law until the debtors credit standing deteriorates; this minimizes the costs incurred for entries in the property register. If the orig- inator files for bankruptcy, however, the assignment of mortgages may not be considered effective, meaning that they would be allocated to the originators estate and not to the special-purpose vehicle. There may also be disputes in cases where the treatment of assets under bankruptcy law is based on their treatment under commercial law. Receivables and collateral might be deemed part of the originators bankruptcy estate in cases where the receivables were not removed from the balance sheet under commercial law, or where the special-purpose vehicle is subject to consolidation requirements (cf. section 2.4.1). In addition,

30 Best Practices in Risk Management for Securitized Products

other creditors claims can also lead to challenges against the transfer of receiv- ables, for example if the securitization transaction was detrimental to the inter- ests of bankruptcy creditors (preference risk).

Realization risk has both a temporal and a monetary component, as the sale of receivables and collateral by the bankruptcy administrator can cause a delay as well as a reduction in payment flows. For example, the bankruptcy administra- tor might withhold fees for the collection of receivables and collateral under the applicable fee schedule, and the administrator is generally not legally required to adhere to deadlines during bankruptcy or compulsory auction proceedings. In principle, it is also possible that receivables which have not been settled in full by either side are terminated prematurely by the bankruptcy administrator and therefore rendered void. The special-purpose vehicle and the investors would thus lose expected interest payments. The possible premature termination of receivables is discussed especially in the securitization of leasing and rental receivables. Receivable amounts may also be reduced if the bankruptcy admin- istrator recognizes offsetting positions (setoff risk). Offsetting positions can arise, for example, if the debtor holds savings deposits with a bank as well as a mortgage-backed construction loan. In the case of bankruptcy on the part of the bank, the amount of the mortgage-backed receivables might then be reduced by the amount of the savings deposits in order to secure the debtors claims. Another noteworthy aspect of realization risk is the risk of assets being commingled (commingling risk): If the payment flows from a securitization transaction are handled by a bank acting as paying agency, it may not be possible to differentiate between financial funds arising from the securitization trans- action and other funds if the bank goes bankrupt. The bankruptcy administrator might then use those funds to satisfy the general claims of creditors without being obligated to pass the funds on to the special-purpose vehicle.

Realization risks can also arise in cases where servicing is not handled by the special-purpose vehicle itself. Should a debtor go bankrupt, the servicer will only be authorized to realize assets in cases where it is the owner of the receivables to be collected. However, this is not generally the case in a typical securitization transaction. This risk can be avoided by transferring defaulted receivables from the special-purpose vehicle to the servicer for collection.

From a risk management perspective, the best means of ensuring the enforceability of claims is to structure the securitization carefully and in close coordination with legal counsel and rating agencies.

2.4.3 Availability of Information In order to define the pool of receivables underlying a securitization transaction, to assess the risks it involves, and to realize collateral in cases of bankruptcy on the part of debtors, at least the servicer, the investors and the rating agencies will require precise and detailed information. Due to data protection regula- tions, personal information cannot generally be passed on without certain restrictions. If the originator is subject to banking secrecy requirements, these regulations also have to be upheld. In general, this risk can be mitigated by

31 Best Practices in Risk Management for Securitized Products

obtaining permission from the debtors to pass on such data. However, banks are often hesitant to obtain this permission for economic reasons and in order to protect their customer relationships (data transfer risks).

It is especially important to ensure the availability of information and the ability to pass on data easily in cases where the originator does not perform the duties of servicer. Even in cases where data can be shared legally with the servicer, new risks may arise in connection with a substitute servicer in cases where the first servicer goes bankrupt.

For the purpose of ongoing risk assessment by rating agencies and investors, it is essential to ensure that sufficient and up-to-date information is made avail- able to the parties involved by fulfilling all applicable disclosure and auditing requirements. In structuring the transaction, the parties involved can also make explicit agreements as to the time and extent of data exchanges.

2.5 Relevance of Risks to the Parties Involved The risks discussed above are relevant to those parties involved in a securitiza- tion transaction who have to bear the economic effects in cases where risks are realized. In risk management for individual parties, it is crucial to maintain as much transparency as possible with regard to the risk positions taken in a securi- tization transaction in order to enable a sound assessment of their potential eco- nomic effects. Therefore, all of the risks described above are basically relevant to the parties analyses of risk positions in a securitization transaction.

However, these risks have a different level of relevance for originators and investors, whose specific risk situations are described briefly below. In the case of the originator, the danger of an incomplete risk transfer deserves attention. For the investors, the foremost danger is that they may ultimately be required to bear risks which are not explicitly hedged in the securitization transaction.

2.5.1 Incomplete Transfer of Risk from the Originator When distributing credit risk, the originator usually takes the first-loss position, which involves considerable credit risk, while the other (less risky) tranches are sold to the investors. Therefore, if the originator securitizes substantial portions of its receivables, this may result in a significant increase in risk relative to the total receivables of the originator. In risk management, this increased risk should be accompanied by suitable countermeasures, for example an increase in the equity ratio.

In synthetic securitization transactions, the originator will be required to assume the entire structural risk and possibly parts of the credit risk involved. The definition of credit events used in connection with the derivatives employed does not generally imply a transfer of market and liquidity risks. For example, the special-purpose vehicle will not make payments to the originator in cases where interest-rate or prepayment risks are realized, thus the originator will have to bear those risks.

32 Best Practices in Risk Management for Securitized Products

Financial covenants are often utilized to ensure that the originator as well as the servicer perform their duties in a certain manner and fulfill specific require- ments for the purpose of limiting . However, this means that these parties explicitly bear the agency risk involved, which must be mitigated by in-house risk management accordingly.

Furthermore, the originator also usually takes on the majority of legal risks by assuming liability (through indemnity declarations) for the legal recognition of the transactions structure and by guaranteeing its general stability. In risk management for the originator, binding legal opinions should be obtained from legal counsel during the structuring process in order to ensure the greatest pos- sible transparency with regard to legal risks. This also means that attorneys will be required to assume some of the legal risks.

2.5.2 General Risks Assumed by the Investor Ultimately, the investors bear all of the securitization risks which are not explic- itly assumed by another party.

The credit risk arising from an individual securitization deal is distributed in its entirety among the parties involved. From the investor banks overall per- spective, however, the investors are subject to the additional risk of securitiza- tion positions correlating strongly with other positions outside of the securiti- zation transaction, thus giving rise to concentration risks. For example, one of the debtors included in the securitization transaction might also be indebted to the investor in the course of its usual business activities. This means that the securitization deal would bring about a substantial increase in the credit risk arising from that debtor.

It is far more difficult to identify the remaining structural risks borne by the investors. Therefore, investors should also pay special attention to analyzing the distribution of the market, liquidity and operational risks involved a securitiza- tion transaction. When dealing with operational risks, it is important to ensure that they are limited effectively and directly where they originate (i.e. mainly with the originator and servicer), for example by setting up financial covenants.

Legal risks which are not explicitly taken on by the originator or other par- ties by means of indemnification or structural guarantees are borne by the investor.

3RiskMeasurement Having described the risks relevant to securitization transactions in the previous chapter, we can now present various approaches to quantifying these risks. Effective risk management rests upon the quantitative assessment of risks. For this purpose, the term risk itself is defined and explained on the basis of several fundamental considerations regarding the extent to which risks can be quantified. Approaches to quantifying credit risk have developed to a rela- tively sophisticated level; these are discussed with attention to established credit

33 Best Practices in Risk Management for Securitized Products

portfolio models in section 3.1. At present, only a few specific forms of struc- tural and legal risks can be quantified; most of them cannot. On the basis of relevant examples, these quantification approaches are explained in section 3.2 for structural risks and in section 3.3 for legal risks. In our discussion of approaches to quantifying structural risks in section 3.2, we also briefly deal with cash flow models which can be used to enable a more integrated view of various risk types. Due to the large number and high complexity of risks asso- ciated with securitization, risk management should not be confined to a single quantitative method but always employ multiple quantitative and qualitative procedures.

3.1 Defining and Quantifying Risk In this guideline, the term risk is defined as the possibility that a state arising at a certain time in the future will deviate from the state expected at that time (i.e. an unexpected change of state). It is also possible that the state expected in the future will already differ from the present state (i.e. an expected change of state). In both cases, this change of state is assumed to be a negative deviation. Therefore, risk quantification in this guideline is always based on losses. Against this backdrop, the risk associated with securitization positions can be quantified on the basis of the loss distribution for a certain future point in time. The meas- ures used in this context are unexpected loss and expected loss, which are also used for risk quantification under the Basel II framework.

Modeling focuses on a number of different specific aspects in the various approaches to quantifying risk types. As regards credit risk, modeling concen- trates on the risks arising from the pool of receivables and the distribution of these risks across credit enhancements and tranches. While common credit portfolio models can be used to quantify risks from the pool of receivables, they are not designed to quantify the distribution of credit risk across individual tranches in a securitization transaction. With regard to structural risks, modeling focuses on additional aspects such as the temporal distribution of risks and the robustness of cash flows based on various future stress scenarios. The most popular quanti- fication approaches used for this purpose are cash flow models. Insofar as they can be quantified, legal risks can likewise be included in these models.

The significance of quantitative risk values generated by individual models depends on both the calculation models themselves and the quality of the data used for quantification. In general, sophisticated models and a comprehensive data basis are available for the quantification of credit risks. In the case of legal and structural risks, on the other hand, modeling approaches which might be applied in theory yield results of limited significance due to practical difficulties in data acquisition. Another difficulty is the fact that the future losses arising from these risk types are highly improbable but usually all the more substantial. In this context, an imprecise data basis can drastically augment uncertainties in risk quantification. For example, the probability of bankruptcy on the part of the originator is very low (and hardly measurable on the basis of historical data), but the resulting losses are likely to be considerable for the investors in a securi- tization transaction.

34 Best Practices in Risk Management for Securitized Products

The risk quantification approaches presented in this chapter are described not only in terms of their modeling fundamentals but also in terms of the data required and their availability. This discussion also includes the tools available for risk quantification as well as the results to be obtained using these tools. In this context, we also point out an additional demand in risk management for securitization transactions: The source and significance of the quantitative risk estimates used must always be examined in a critical light.

3.2 Approaches to Quantifying Credit Risk In this section, we discuss the quantification of credit risk based on the explan- ations in section 2.2. In this context, it is first necessary to quantify the risks in the pool of receivables and to identify the credit risks caused by the other parties involved. Then the amount of the credit risk assumed by credit enhancers and investors has to be determined (limitation and distribution).

3.2.1 Origin of Credit Risk Quantifying the credit risks in a securitized pool of receivables is not fundamen- tally different from quantifying risks in a general credit portfolio. Therefore, the explanations given in this guideline are confined to the basic aspects of quanti- fying credit risks in a pool of receivables.

The credit risks in a pool of receivables are first quantified at the level of individual loans and then aggregated at pool level. For the purpose of quantify- ing risks at the individual level, they are generally divided into two components: The (PD) and the severity of the loss. The severity of the loss is, in turn, calculated on the basis of the amount outstanding at the time of default (, or EAD) and the (LGD). When aggregating risks at pool level, it is also necessary to take correlations into account in order to quantify diversification effects in the pool of receivables.

The distribution of losses in the pool can be calculated either analytically or using numerical simulation methods. Due to the high level of complexity in such calculations, a closed analytical procedure is not possible in most cases. The parameters (including correlations) necessary for the simulation methods are generally estimated on the basis of historical data, through market-oriented analyses, or by derivation from existing ratings as a special form of historical analysis. The tools that can be employed in calculating loss distributions include various commonly used credit portfolio models (e.g. Credit Monitor, Credit Metrics, Credit Risk+). In this context, the suitability of a credit portfolio model depends heavily on the respective type of underlying receivables. For example, modeling credit card receivables or residential construction loans involves requirements which credit portfolio models might only fulfill to a lim- ited extent (e.g. a lack of possibilities to model variable utilization in the case of credit card receivables).

The requirements stipulated under Basel II for data management relevant to credit risk quantification indicate that the data available for quantifying credit risks in pools of receivables will continue to improve.

35 Best Practices in Risk Management for Securitized Products

The credit risks arising from the potential default of other parties involved in a transaction (e.g. the servicer) are not usually included in loss distribution calculations for the pool of receivables; these risks are generally calculated sep- arately. In many cases, the probability of default is approximated using the other partys corporate rating, and the assumed loss amount is a complete default on all of the partys contractual payment obligations.

3.2.2 Limitation and Distribution This section presents a schematic example of how credit risks can be distributed across the individual tranches in a securitization transaction. Furthermore, the issue of how risks are assumed by means of credit enhancements is covered.

First, the table below defines the tranche thicknesses in a simplified securi- tization transaction, with the thicknesses reflecting each tranches share in the nominal value of the underlying pool of receivables. It is also necessary to decide on the order in which the tranches will have to bear any losses incurred. This gives us the credit enhancement level, which refers to that portion of a pool of receivables in which claims are subordinate to a given tranche. Table 2 shows tranche thicknesses and credit enhancement levels for a sample securitization transaction: Table 2

Tranche Tranche Thickness Credit Enhancement Level

Senior tranche 80% 20%

Junior tranche 15% 5%

First-loss piece 5% –

It is now possible to derive the loss distribution for each tranche on the basis of its size and credit enhancement level. For this purpose, we first determine the relationship between the pools loss distribution and the corresponding losses arising in a certain tranche. This makes it possible to calculate each tranches loss distribution by assigning probabilities to the tranches loss values. From the tranches loss distribution, we can then derive a quantification of risk in the form of expected and unexpected loss.

Chart 6 shows an example of how the loss distribution is calculated for an assumed junior tranche of 15%. Even in this schematic example, the tranches loss distribution does not exhibit a continuous distribution function but shows steps at the transitions to the adjacent tranches.

36 Best Practices in Risk Management for Securitized Products

Chart 6

This calculation of the loss distribution for individual tranches does not yet account for the risk-mitigating effects of any credit enhancements used. The cal- culation of credit risks covered by credit enhancements is explained briefly below for the credit enhancements mentioned in section 2.2.2.

In the case of overcollateralization, the reduction in credit risk results from the difference between the nominal value of the receivables in the pool and the value of the bonds issued. Both values can be determined reliably in securitiza- tion transactions. With regard to excess spread, the reduction in credit risk arises from the difference between incoming interest payments from the pool of receivables and outgoing interest payments to the investors. However, this dif- ference is subject to market and liquidity risks and depends on specific payment arrangements in the securitization structure. The credit-enhancing effect of excess spread should therefore be examined with great care. In cases where the originator signs a repurchase agreement, the amount of the risk assumed is mentioned explicitly in the agreement. In general, this also applies to the credit enhancements, for example in the form of letters of credit, pledges, or credit insurance policies.

In contrast to the credit risks in the pool of receivables, hardly any commer- cial tools are available for the purpose of quantifying credit risks for individual tranches and credit enhancements. The calculation models used in practice gen- erally model all of the other cash flows in a securitization transaction as well as the distribution of credit risks, thus also covering structural and some legal risks. These cash flow models are often created by the parties involved and adapted specifically to individual transactions, either independently or with

37 Best Practices in Risk Management for Securitized Products

the help of external experts. This frequently involves considerable time and expense, which should be taken into account when carrying out securitization transactions. Quantifying the distribution of credit risks involves special data requirements with regard to tranche sizes and credit enhancement levels. These values are elementary components of a securitization structure, so in general they should be readily available.

3.3 Quantification Approaches for Structural Risks Specific forms of structural risk vary widely in terms of their ability to be quan- tified. While market and liquidity risks can generally be quantified without great difficulty, operational risks are more difficult to record and can usually only be captured in qualitative terms.

Quantifiable structural risks are usually captured in cash flow models which use defined assumptions to simulate all of the payment flows arising over the term of a transaction, including specific payment structures (cf. section 2.3). By simulating various scenarios (including external ones), it is possible to approximate the loss distribution — and thus also the overall structural risks — for a securitization position. Common credit enhancements (e.g. interest and currency derivatives) can be integrated in order to limit these risks to such an extent that they will no longer cause significant payment disruptions in a securitization position, even in extreme scenarios.

3.3.1 Market Risks Market risks are subdivided into the categories of interest-rate and currency risks. As these risks are relevant to banking transactions beyond securitization, quantification models are available for both types of risk. In general, stochastic processes are used as a basis for modeling the development of interest rates and exchange rates, and the resulting values are then used as input parameters in cash flow modeling.

3.3.2 Liquidity Risks As regards balance-sheet liquidity risks, cash flow models have to account for prepayment risk by means of the prepayment rate. This rate is influenced by a number of factors: First, the general development of interest rates has to be considered, as falling interest rates will lead to increases in debt rescheduling. After a period of low interest rates, a pool of receivables might become less sensitive to later changes in rates and thus show a lower prepayment rate (burn- out). Moreover, it can be proven that prepayment risk rises as the age of a loan increases. The extent to which the prepayment rate is affected by the debtors credit rating is debatable. On the one hand, poorly rated debtors will make efforts to adapt their loans to better terms and conditions quickly. On the other hand, debtors with good ratings will always be able to obtain the best terms and conditions and will thus enjoy stronger prepayment incentives. With the help of multi-factor models, a prepayment rate can be derived from these influencing factors and used as an input value for cash flow modeling.

38 Best Practices in Risk Management for Securitized Products

Many practitioners make the simplifying assumption that the prepayment rate is constant over time (i.e. a constant prepayment rate, or CPR) or follows a predefined pattern such as that specified by the Association (BMA; formerly the PSA). The BMA assumes that the prepayment rate for real estate loans is 0.2% in the first year and then shows a linear increase to 6% after 30 months. For longer periods, this prepayment rate is assumed to be constant.

Other balance-sheet liquidity risks (e.g. due to changes in pool composition) are generally accounted for by applying various standard discounts to the expected payment flows in the cash flow models. The amount of such discounts is determined by past experience.

Market-oriented liquidity risks are often mitigated by means of liquidity facilities. In order to quantify the risks involved, it is necessary to define the circumstances under which these facilities can (or must) be drawn upon as well as the period and amount in which they can be utilized. This information makes it possible to forecast the probability of drawing and the corresponding drawing amount in cash flow models. In addition, this can also be used to determine the (usually low) probability of default on these facilities, as well as providing an indication of the expected loss by multiplying the values.

3.3.3 Operational Risks Operational risks are generally not quantified in cash flow models. Due to the few cases available and the newness of the instrument, it is not generally possible to derive statistically significant observations of realized operational risks from past securitization transactions. For the same reason, tracing opera- tional risks back to the underlying risk factors will only yield risk statements of limited value. For the purpose of indirect risk quantification, statements as to the credit standing of the parties involved (in the form of external ratings) are the most suitable data available. Strictly speaking, however, these statements only cover credit risk and not operational risks. Therefore, qualitative methods should be used in securitization risk management wherever possible in order to account for operational risks.

3.4 Quantification Approaches for Legal Risks The vast majority of legal risks cannot be expressed in quantitative terms (e.g. reclassification risk, risk of bankruptcy on the part of the special-purpose vehi- cle) and should be limited wherever possible by means of the transactions struc- tural design as well as binding opinions from legal counsel. The only legal risks which can be quantified are the tax risks arising from the general tax treatment of the structure and realization risks in the enforcement of bankruptcy claims. These quantifiable risks can be included in cash flow models.

3.4.1 General Treatment Tax risks can be quantified according to the corresponding methods of calculat- ing taxes. For this purpose, the tax base and the applicable tax rate are to be determined in specific cases.

39 Best Practices in Risk Management for Securitized Products

With regard to value-added tax, for example, one topic of discussion is the fact that servicing (by the servicer) and the assumption of risk (by the special- purpose vehicle) are services which may be subject to value-added tax. If we assume a servicing fee of 1% p.a. of the pools nominal value and a value-added tax rate of 20%, the tax risk exposure for this service would equal 20 basis points. As regards the taxation of risk assumption, one could assume that the tax base for this service is determined by the amount of the discount on the purchase price. If we assume a 3 to 9% discount, this would bring about a value-added tax risk exposure of 60 to 180 basis points. The rudimentary quan- tification approach presented here can also be transposed onto other tax types and enables an initial estimate of tax risks which would then have to be specified on the basis of the actual legal agreements drawn up in individual transactions.

3.4.2 Enforceability of Claims With regard to the enforceability of claims in the cases where one of the parties involved goes bankrupt, risk quantification involves determining the amount of the potential loss as well as the time over which the loss is incurred.

Bankruptcy proceedings frequently involve fees which can be used directly in risk quantification calculations. Examples include fees for the transfer of mortgages, amendments to the property register, or the collection of receiva- bles and collateral by the bankruptcy administrator.

Other types of realization risk can only be quantified using inexact approaches or with considerable effort. In the case of setoff risk, the amount held by the debtor as a claim against the originator (e.g. in the form of savings deposits) has to be determined. While precise calculations seem possible in small pools of receivables (given sufficient data availability on the originators part), large pools of receivables require approximation assumptions. For exam- ple, one might relate a portion of the originators total savings deposits to the value of the pool. Commingling risks can be quantified on the basis of the aver- age amount of cash flows passing through the paying agency and the average time the funds are held by the paying agency. In this context, generalized assumptions also have to be made.

4ExternalRatings Securitization transactions involve a wide variety of risks which have to be captured using specific quantification approaches. Risk management for securi- tization transactions will therefore require relatively intense analysis and monitoring effort on a regular basis. This chapter presents the manner in which external parties assign credit ratings as well as the resulting conclusions for the purpose of risk management. This investigation is based on publicly accessible materials from the rating agencies Moodys, Standard & Poors, and Fitch.

In section 4.1, we begin by explaining the general meaning of ratings and their functions in securitization transactions. The essential functions of a rating

40 Best Practices in Risk Management for Securitized Products

include initial credit assessment as well as the ongoing monitoring of risk in a securitization transaction. Sections 4.2 and 4.3 then deal with the process used to determine an initial rating and to monitor it on an ongoing basis. This dis- cussion also includes examples of differences between individual rating agencies and is based on the fairly standardized rating process used for collateralized debt obligations (CDOs). The rating processes applied to securitization transactions involving other types of receivables are generally similar, but they are substan- tially more complex as they require consideration of the specific characteristics of each type of receivables (e.g. mortgage collateral in MBSs or the short-term, revolving characteristics of credit card receivables). Therefore, in our descrip- tion of the data required for external ratings in section 4.4, we also discuss the types of receivables for which specific rating processes and data requirements exist. Finally, section 4.5 discusses a number of conclusions which might be drawn from external ratings for the purposes of securitization risk manage- ment. Due to the special significance of this section, we would like to point out explicitly that the statements made here are only intended to provide gen- eral guidance for an optimal design of securitization risk management.

4.1 Function of External Ratings From the investors point of view, a rating is a comparative measure of the credit quality of an issuer or an issue. In this context, credit quality (or credit standing) refers to a general ability to meet interest and principal payment obligations completely and in a timely manner. The extent to which types of risk other than credit risk are considered in the case of securitization transactions will have to be examined later.

Ratings for securitization transactions are generally not based on the credit standing of an individual borrower or business unit (issuer ratings), but on the specific credit quality of the bonds issued in the transaction (issue rating). One special form of issue ratings is the program rating, which is generally used to assess the credit quality of asset-backed commercial paper programs. In this context, all rating agencies use a special short-term rating scale for commercial paper.

The rating itself does not make any quantitative statements regarding risk. The rating scale also generally provides a relative and not an absolute measure of credit quality, which means that twice the distance between two ratings on a scale does not necessarily mean that the difference in credit quality is doubled. Quantitative statements on risks in individual rating classes are generally made ex post, for example by calculating the historical default probability for a certain class. Without such additional analyses, it would not generally be possible to calculate expected or unexpected loss as a quantitative risk value based on a securitization tranches external rating.

Even rating agencies agree that ratings merely contain opinions on credit quality generated using quantitative and qualitative criteria. Therefore, an external rating can also be influenced by the agencies subjective estimates and cannot usually be reproduced externally in all aspects, even in cases of com-

41 Best Practices in Risk Management for Securitized Products

plete transparency and disclosure of all criteria and processes. As a result, it is possible that the same securitization structure could be assessed in different ways by various rating agencies and thus be assigned different external ratings.

The purpose of a securitization transactions external rating is no different from that of ratings assigned to other capital market instruments. From the investors perspective, the primary function of a rating is the independent assessment of the risk associated with investing in a given capital market instru- ment. In addition, the agencies ongoing monitoring of the rating should facil- itate risk management for the investors. From the originators point of view, ratings may offer the advantage of more favorable refinancing terms, as investors will be more willing to accept a lower interest rate for bonds with a solid exter- nal rating. External ratings, however, are not necessary in the private placement of securitization transactions, as the positive effects for the originator would be limited.

4.2 Initial Rating The creation of an initial rating for a securitization transaction can generally be subdivided into four steps: the preliminary stage, quantitative analysis, qualita- tive analysis, and the rating determination and completion stage. This section deals with the individual stages in detail and points out several examples of differences among rating agencies. The rating process for securitization trans- actions essentially differs from that of other capital market instruments only in its quantitative and qualitative analyses, which are therefore the focus of this section. The creation of an external rating for a new securitization structure generally takes approximately three months; this time period is to be taken into account accordingly when planning a securitization transaction.

4.2.1 Preliminary Stage The rating process begins with a rating application submitted by the originator or arranger. Rating agencies first review the general motivation behind the securitization transaction and ascertain that the originator and servicer can gen- erally meet their obligations in the course of the transaction. For this purpose, the rating agencies might check these parties corporate ratings, among other things. In order to prepare for quantitative and qualitative analyses, the rating agencies request detailed data on both the portfolio of receivables and the parties involved in the transaction (see also section 4.4). The duration of the preliminary stage is thus heavily dependent on the availability of data among the parties involved.

4.2.2 Quantitative Analysis Quantitative analysis is performed by rating agencies in a three-stage procedure similar to the one described for internal risk quantification in chapter 3: Once the credit risks in the pool of receivables have been quantified, the individual tranches are assembled and the robustness of their credit quality is tested against various risks in the course of cash flow modeling. In this context, the various rating agencies apply differing modeling philosophies. Due to the large number of input variables, it is not possible to give a general assessment of the circum-

42 Best Practices in Risk Management for Securitized Products

stances under which this leads to systematic differences in ratings or in required credit enhancements. The basic structures of the various quantitative approaches used by rating agencies is outlined and compared using sample criteria below (cf. Chart 7). Chart 7

Source: Moody’s; FitchRatings; S&P; BCG-Analysis

The portfolio model used by Moodys is based on a standardized view of the portfolio to be securitized. The basis of this standardization is the assumption that the default behavior of the real portfolio can be simulated by a portfolio with identical (fictitious) receivables which are independent of one another. The number of these idealized receivables is referred to as the diversity score (D) and results from the concentration of the receivables in the pool to be securitized. In this standardized portfolio, the discrete probabilities of default for 0, 1, 2 ... to D of the idealized receivables is calculated analytically by means of binomial or log-normal distributions. Tranches are formed by defining the size and target (i.e. desired) rating first for each tranche. In this context, Moo- dys defines a maximum expected loss which can be permitted for each target rating. In the process of cash flow modeling, the loss incurred for a tranche is calculated for each of the D+1 default scenarios. This is weighted with the prob- ability of occurrence to obtain the expected loss. If the expected loss is above the predefined limit, either additional credit enhancements have to be provided or the tranche size and target rating have to be adjusted.

Standard & Poors uses the CDO Evaluator to quantify the risks in the pool of receivables. In this portfolio model, correlation assumptions and Monte Carlo simulations are used to calculate the probability distribution for the per- centage of defaults in the pool of receivables. In contrast to Moodys, Standard & Poors forms initial tranches by defining the maximum default probability per tranche, not by means of expected loss. The quantile corresponding to a

43 Best Practices in Risk Management for Securitized Products

tranches defined maximum default probability is then determined using the probability distribution of defaults. This quantile then represents the maximum tranche size. In the ensuing cash flow modeling process, tests are performed to establish whether or not the maximum tranche size demonstrates higher default probabilities in various extreme scenarios. The scenarios are designed in various ways depending on the desired rating of a tranche, and they include the severity of loss as well as a large number of other quantifiable risks. If the maximum tranche size does not undergo this cash flow modeling process successfully, addi- tional credit enhancements have to be integrated into the structure, or the tran- che size or target rating has to be adapted. Combinations of these measures can also be considered.

Fitch bases its quantitative analysis on the VECTOR model and follows an approach similar to the one used by Standard & Poors. One essential difference is that the VECTOR model takes correlations into account which differentiate between industries, regions and types of receivables using a factor model. In addition, the severity of losses is modeled for individual receivables depending on their default rate and then aggregated in the course of Monte Carlo simula- tions to yield the average loss amount for the overall portfolio. The loss amount is then used as an input value in the cash flow model. In addition, the cash flow model also includes the occurrence profile of defaults over time, prepayment rates, as well as changes in interest rates and exchange rates. Although the cash flow models used by Fitch and Standard & Poors are not fundamentally differ- ent, their relevant stress scenarios are defined differently. For example, Fitchs most extreme scenario is based on the assumption that 33% of the defaults in the portfolio of receivables will occur in the first year, while Standard & Poors assumes 40%.

A basic comparison of the quantitative models used by rating agencies shows a clear difference in the philosophies they apply. Moodys links its ratings to statements regarding expected loss, and the procedure used to calculate this fig- ure is highly analytical in nature. Standard & Poors and Fitch, in contrast, con- nect their ratings with a statement on the probability of default, that is, their ratings do not make explicit statements as to the amount of the loss incurred. In addition, these two agencies work more with simulations than with analytical procedures and use somewhat more complex assumptions and parameters. This is especially the case in the model used by Fitch, which takes the extent of losses (in addition to the default probability) into account in its simulation procedure, calculates correlations on the basis of a factor model, and uses a multi-step pro- cedure in its Monte Carlo simulations. As all models are subject to the same difficulties in calculating parameters, this higher level of complexity does not necessarily appear to yield more precise risk estimates. For example, minor inaccuracies in estimating correlations in the portfolio of receivables can have severe effects on tranche formation and the risks associated with each tranche. Judging from the available public information, the specific risk types taken into consideration in cash flow modeling are relatively similar and generally limited to credit risks and structural risks. Legal risks, on the other hand, are usually included in qualitative analysis.

44 Best Practices in Risk Management for Securitized Products

4.2.3 Qualitative Analysis Qualitative analysis serves as a supplement to quantitative analysis in two respects: First, this type of analysis deals with credit risks arising not from the pool of receivables but from other parties involved in a transaction, and sec- ond, qualitative analysis also takes potential legal risks into account.

In order to avoid credit risks caused by the other parties involved in a trans- action, these risks are subjected to thorough analysis. In this context, special emphasis is placed on analyzing the originator and servicer, including on-site visits and management interviews in addition to surveying and evaluating qual- itative aspects. In the process, rating agencies address a large number of relevant topics such as: — The companys strategic orientation and the managements experience — Financial stability — Key figures on staff development — Process flows for all relevant credit processes.

Therefore, qualitative analysis is basically an abbreviated corporate rating process which is repeated for the most important parties (originator, servicer) involved in a securitization transaction. In contrast, external ratings (if available) can also be used for less important parties (e.g. credit enhancers, trustees). Usually, the weakest link in the chain principle is applied in this context, that is, the rating of the credit enhancer and trustee must be at least as high as that of the best tranche in the securitization transaction. If the rating of one of the mis- cellaneous parties involved is downgraded in the course of the transaction, con- tractual agreements require them to be replaced.

As regards the avoidance of legal risks, rating agencies generally require a large number of binding opinions from law offices stating that specific legal problems cannot arise within a concrete securitization structure, or that arrangements have been made to avoid such problems. Should law offices be unable to give binding opinions, for example due to a generally unclear legal situation, this will have a negative influence on a transactions rating. If the remaining legal risk can be quantified, it is possible to set up reserve accounts instead of obtaining binding legal opinions; the originator could then deposit funds in an amount corresponding to the legal risk in order to provide collateral in case the risk is realized. The exact amount of these funds is calculated using the methods described in section 3.4 and can substantially exceed the expected losses in the pool of receivables in some cases. Differences between rating agen- cies may arise in estimates of legal risks; for example, not all rating agencies recognize mortgage collateral which is not transferred until a defined deterio- ration in credit quality occurs (contingent perfection). In order to protect investors, rating agencies will generally tend to act conservatively in the assess- ment of legal risks.

45 Best Practices in Risk Management for Securitized Products

4.2.4 Rating Determination and Completion Stage The ultimate determination of ratings for the various tranches is performed by the rating committee, which consists of several rating analysts. This decision is taken with due attention to all of the information gathered and evaluations per- formed in the course of quantitative and qualitative analysis. The final rating is usually determined two to three weeks before the end of the structuring stage in order to enable the rating to be taken into account accordingly when issuing prices are set. However, until the final completion of the structuring stage, any later changes to the structure of the transaction can still lead to a change in its rating.

The completion stage involves drawing up all necessary documents, espe- cially the pre-sales report summarizing the salient results of rating analysis for the investors. In these reports, rating agencies place great emphasis on giv- ing the investors as comprehensive a picture as possible of the risks associated with investing in specific tranches.

4.3 Ongoing Monitoring of Ratings The ongoing monitoring of ratings for securitization transactions hardly differs from the monitoring of other ratings. In general, a transaction is reviewed peri- odically. If there are signs of deviation from the existing credit quality assess- ment, it is placed on a watch list and, if necessary, the rating is adjusted once the rating process has been repeated.

For the purpose of ongoing monitoring, the servicer and the manager of the special-purpose vehicle are periodically requested to provide current data on the development of the securitization transaction, after which these data are compared to the original assumptions, such as expected defaults, prepayment rates, etc. In addition, the ratings and performance of the other parties involved in the securitization transaction are also monitored. Checks are generally car- ried out every 6 to 12 months due to the effort required for data collection and analysis. Special versions of the cash flow models employed in the initial rating process can be used in ongoing monitoring. In addition to regular mon- itoring activities, event-triggered reviews may also take place. For example, when a large company files for bankruptcy, the rating agencies always check the extent to which such an event could affect the ratings of securitization trans- actions in which that company is a debtor. Event-triggered reviews are also per- formed in cases where the rating of one of the parties (e.g. the servicer) is adjusted.

If a re-rating process has to be carried out, the models and systems used in the initial rating process can be used in order to reduce the required analysis effort, and the new rating can be made available relatively quickly. Current rat- ing developments can be followed on the usual information platforms or in rat- ing agency publications.

46 Best Practices in Risk Management for Securitized Products

4.4 Data Requirements Specific to Types of Receivables The main data requirement in this context is the individual debtors probability of default and the accompanying correlations. In general, four methods are available for this purpose, and the methods themselves essentially determine the data requirements.

In the simplest case, the debtors in the pool of receivables will already have an external rating from which the probability of default can be derived. This information then needs to be supplemented to include the debtors industry and country of origin, the amount receivable, the amount and rank of collateral provided, the currency, interest arrangements and other information on the specific account receivable. The precise specification of data requirements only varies slightly among different rating agencies and is published by each agency.

For receivables in the segment (including small and medium-sized enterprises), however, the originator will often have an internal rating for the debtor. In such cases, rating agencies attempt to transpose the originators rating scale onto their own rating scales using statistical methods. Thus the internal rating will be included as an additional data requirement.

If neither an external nor an internal rating has been determined for a debtor, the rating agencies indicate that either an average probability of default is assumed (e.g. in pools with a very large number of relatively small consumer loans) or specific models are used to quantify the probability of default (e.g. Moo- dys KMV Private Firm Model). In the latter case, the data requirements may increase significantly compared to the previously described cases. This also lengthens the securitization process significantly, as ultimately a rating has to be recalculated for the receivables to be securitized (at least in an abbreviated procedure).

In addition to the quantified probability of default, rating agencies also request a precise description of payment arrangements, the distribution of cash flows, and documentation on the legal structures in the securitization transac- tion. When carrying out such a transaction, it is necessary to contact rating agencies at an early stage in order to enable the thorough compilation of required data. In addition, it is important to ensure that the data necessary for ongoing rating monitoring can also be provided in a timely manner during the term of the transaction.

In addition to the rating processes described above for CDOs, rating agen- cies also have at their disposal a large number of specific rating approaches for other types of receivables. Typically, specific rating processes and data require- ments exist for residential mortgage-backed securities (RMBSs), commercial mortgage-backed securities (CMBSs), various forms of asset-backed securities (ABSs) in the narrow sense (leasing receivables, consumer loans, credit card receivables) and asset-backed commercial paper programs (ABCPs).

47 Best Practices in Risk Management for Securitized Products

For example, rating agencies will request additional information on residen- tial and commercial mortgage-backed securities, such as age, geographical loca- tion, other liens on the collateral assets, or supplementary information on the receivables themselves (e.g. the precise repayment structure, etc.). A complete description can be found in the rating agencies documentation.

4.5 Conclusions This section examines the conclusions which can be drawn from our description of rating processes for the purpose of a banks internal risk management in securitization transactions. On the basis of selected, practically relevant issues, we present fundamental considerations regarding the use of external ratings.

In this context, we assume that the requirements defined under Basel II for the use of external ratings have been fulfilled and do not have to be taken into specific consideration (cf. CP3). It is not the intention of this guideline to make statements as to the relative advantages of ratings from specific agencies. There- fore, the explanations presented below refer to all rating agencies.

4.5.1 Securitization Transaction Ratings vs. Corporate Ratings From the rating agencies perspective, a certain rating class (e.g. AA) always characterizes the same risk for the investor regardless of the type and origin of the underlying debtor or instrument. Therefore, from this standpoint the risk level of securitization ratings should generally be comparable to that of corpo- rate ratings. In this context, it is necessary to note that securitization ratings are issue ratings, whereas corporate ratings can be seen as issuer ratings.

With regard to statements on the loss given default (LGD), there are sub- stantial differences between corporate ratings and securitization ratings. For example, the LGD for corporates is strongly influenced by the available collat- eral, while the LGD of a securitization position is driven by factors such as the thickness of defaulted tranches.

Moreover, one special characteristic of securitization transactions is that a default (especially in tranches with good ratings) will usually occur relatively close to the end of the transactions term. However, this is not the case with corporate loans, for which defaults have been empirically proven to occur more toward the beginning of the term. This is to be taken into consideration accord- ingly when quantifying and interpreting risks.

If we compare the historical migration and default probabilities for securi- tization ratings versus corporate ratings (as published by rating agencies), it is conspicuous that securitization ratings are clearly more stable and involve lower default probabilities than the corresponding corporate ratings. However, the significance of such observations definitely has to be put into perspective due to the short data history available for generating matrices of this type and due to specific valuation characteristics. For example, some sub-investment- grade tranches are traded on the market with substantially larger spreads than comparable corporate bonds. Another reason why it may also be necessary to

48 Best Practices in Risk Management for Securitized Products

exercise caution in evaluating these figures is that for a long time the process of ongoing rating monitoring for securitization transactions was only of secondary importance due to the predominance of buy-and-hold strategies. Only in recent years has monitoring undergone rapid development in rating agencies, thus increasing the number of rating migrations observed.

In part, the stability of securitization ratings might also result from the nov- elty of the instrument and from the resulting conservative initial assessments. In order to cover the structural and legal risks specific to securitization, additional credit enhancements have been required in some cases; however, these enhance- ments can ultimately cover some credit risk as well and thus have a stabilizing effect on the rating.

Even if the rating of a securitization transaction is supposed to be formally comparable to that of a company from the rating agencies perspective, the use of empirical statements derived from corporate ratings should be regarded crit- ically in securitization risk management.

4.5.2 Using External Ratings in the Banks Internal Risk Management In cases where banks quantify securitization risks internally, the effort required should generally be weighed against the risk assumed. Due to the complex structure of securitization transactions, this effort will usually be considerable.

At least for investments of limited volume in low-risk tranches, it may be possible to do without in-house quantification and to use external ratings for efficiency reasons. In any case, however, accompanying measures should be taken to limit possible uncertainties as to the significance of external ratings. These measures might include: — Stress-testing agency ratings based on historical data from the agencies (pre- payments, default distribution, various recovery rates, interest rate shocks) — Valuating positions at current market prices on an ongoing basis (with regard to the securitization transaction itself as well as the underlying receiv- ables) — Monitoring transactions by means of rating changes and investor reports — Reviewing the servicers and originators business models — Reviewing the originators motivation for the securitization transaction and — Diversifying securitization investments.

However, the originator and credit enhancers are often confronted with a situation in which they assume considerable risks in positions which do not have external ratings. As a supplement to external ratings, these market participants usually build up their own in-house know-how for analysis and risk quantifica- tion in securitization transactions. Rating agencies actively support this accumu- lation of know-how by publishing a great deal of the procedures used and by providing software tools for this purpose. By comparing various quantification methods, in-house risk quantification can then yield far better risk statements on securitization positions than would be possible using external ratings alone.

49 Best Practices in Risk Management for Securitized Products

5RiskManagement On the basis of the information presented above, this chapter of the guideline provides practice-oriented tips and guidance for risk management in securitiza- tion transactions. In this chapter, we mainly focus on securitization-specific aspects and point out potential links to general credit risk management. In order to manage and to limit the risks associated with securitization, it is essential to ensure that the basic prerequisites necessary to optimize risk man- agement are fulfilled even before the securitization transaction is carried out. These prerequisites are explained in section 5.1 for the originator as well as the investor on the basis of selected best-practice descriptions. Once the basic prerequisites for execution and risk management in a securi- tization transaction have been met, it is necessary to identify the risks in a con- crete transaction and limit them as far as possible during the structuring process (for the originator) or the investment decision process (for the investor). The success factors to be considered in this process are discussed in section 5.2. Once the execution stage has been completed and the risks have been trans- ferred to the investors, risk management (and thus the activities described in section 5.3) will usually concentrate on the ongoing monitoring of securitiza- tion positions as well as reporting. We also discuss special issues arising for the originator in cases where positions are retained and when the originator assumes the responsibility for servicing. The essential points to be considered by the main parties in a securitization transaction for the purpose of optimum risk management are summarized in Chart 8. The functions of the originator and servicer are examined jointly because the originator usually assumes responsibility for servicing. Chart 8

50 Best Practices in Risk Management for Securitized Products

5.1 Meeting Basic Prerequisites The basic prerequisites for carrying out a securitization transaction have to be met in two dimensions: First, external relationships to debtors (customers) and investors have to be reviewed in order to identify how they can provide optimal support for the use of securitization and for the accompanying risk management activities. Second, in terms of internal organization it is also necessary to ensure that the decision to use securitization transactions is made with a view to main- taining the overall perspective of the bank, and that the necessary data and sufficient know-how are available for operational execution. This applies to the originator and investor in different ways and with varying levels of rele- vance, thus these topics are discussed separately for originators and investors in the sections below.

5.1.1 Basic Prerequisites for the Originator Chart 9 gives an overview of the basic prerequisites to be met by the originator in order to carry out a securitization transaction. These prerequisites are dis- cussed in detail below.

Securitization transactions are based on the receivables generated by the originator based on its orientation toward its customers. Therefore, risk manage- ment should ensure that the receivables generated are securitizable at an early stage in order to avoid potential later risks in the securitization process. When assessing whether receivables can be securitized, it is necessary to separate the external view from the originators internal perspective.

From the external perspective, it is necessary to review the legal and struc- tural regulations which have to be fulfilled by individual receivables in the trans- action, for example the absence of clauses prohibiting assignment, ability to transfer collateral, etc. Although an individual originator will only have limited influence over the underlying legal and economic circumstances, the originator can make its receivables easier to securitize by designing contracts and products accordingly. For example, this might be achieved by including clauses in the originators general lending terms and conditions in order to enable receivables to be assigned and data to be passed on in the course of a securitization trans- action. Higher standardization in the product range will also make receivables more securitizable and can be useful if sales requirements are taken into consid- eration sufficiently.

From the internal perspective of the originator, economic criteria will also be applied when assessing the securitizability of receivables. This will ensure that the pool of receivables available for securitization also fulfills the economic constraints of a securitization transaction, for example whether the pool offers sufficient in relation to the credit risk and tied-up capital involved. Banks which aim to increase securitization in their credit portfolios have already integrated these criteria into their traditional lending process and will review, for example, the general prepayment risk associated with a debtor. The eligibil- ity of receivables for securitization can also affect the pricing of loans by the originator, as a securitizable loan will have a higher level of liquidity and could

51 Best Practices in Risk Management for Securitized Products

Chart 9

potentially be refinanced on more favorable terms on the capital market. These cost advantages can also be passed on to the customer, for example by making price calculations dependent on whether a loan can be securitized and by explic- itly taking these calculations into account in the lending process. The price at which pools of receivables can be securitized is another potential benchmark for pricing in the lending process.

Besides its effects on operational lending processes, increased attention to securitizability can also have effects on an institutions business policies and risk strategy. In extreme cases, new business transactions can be conducted exclu- sively with the objective of refinancing them directly by means of securitization. This can raise broad implications for strategic orientation toward specific mar- kets as well as product and customer groups, for example in the case of residen- tial construction loans in the U.S. and their securitization by government agen- cies.

Without sufficient access to buyers / investors, the originator will not be able to attain the securitizations primary objectives of risk transfer and refinancing. This is especially the case in the placement of subordinated tranches which involve high risk.

Investors first make their investment decisions independently of the origina- tor on the basis of return considerations and with special attention to the risks associated with the securitized portfolio of receivables. Furthermore, the com- plexity of a securitization structure and the reputation of the originator on the investment market are also important factors. Placing simple structures for

52 Best Practices in Risk Management for Securitized Products

well-respected originators is far easier than placing complex securitization transactions for more obscure originators.

In order to avoid placement risk, it is therefore helpful to limit the complex- ity of securitization structures as far as possible. For this reason, experienced originators frequently make use of proven structures which are well known on the market. These structures can either be specific to a certain originator or used by a variety of originators (e.g. KfWs PROMISE and PROVIDE struc- tures). This use of proven structures not only enables the securitization trans- action to be placed at more favorable prices, it also reduces structuring costs and can thereby facilitate the securitization of smaller portfolios.

The profile of an originator on the investment market can be enhanced at first by classic marketing activities such as road shows, publications, investors conferences, etc. In this context, it is important to consider specific investors operating in the securitization market, especially risk-friendly investors who are generally prepared to acquire tranches with low ratings. This group is often neglected in the traditional capital market measures taken by originators. More- over, it is necessary to decide whether access to investors is required only for a one-time securitization transaction or for ongoing securitization activities. In the latter case, it may be useful to place several smaller transactions (possibly with the same securitization structure) on the market over a longer period of time in order to build up a stronger market presence. Moreover, one might also consider carrying out an initial transaction even if there is no explicit need for securitization, simply in order to make a name for the originator on the market in case securitization is required at a later point.

From the risk management perspective, placement risks should generally not obstruct a securitization transaction, but they can increase costs substan- tially. This additional expense can arise indirectly due to the costs of calling in third parties (e.g. large investment banks) for their structuring and placement expertise, or it can stem from the investors demands for higher interest on the tranches they purchase.

Securitization should only be considered in cases where it appears sensible in terms of the banks overall capital perspective, for example by reducing regulatory or economic capital requirements; by providing an alternative source of fund- ing; by improving the credit portfolios risk/return profile; by providing an additional product the institution can offer to its customers; or by making it possible to take advantage of investment opportunities. These motives will be of varying relevance to different organizational units within a bank. Overall cap- ital allocation therefore has to consider and decide when securitization should be used in cooperation with the organizational units concerned.

In risk management, difficulties can arise in particular when an institution does not clearly define who is responsible for deciding whether to carry out a securitization transaction.

53 Best Practices in Risk Management for Securitized Products

Chart 10

In the sample distribution of tasks shown in Chart 10, a lack of clearly defined decision-making responsibilities might give rise to the following prob- lems: — A business division might carry out a securitization transaction which seems appropriate from the divisions standpoint but is not necessary or sensible in light of the banks overall portfolio. — A portfolio of receivables which (from a risk/return perspective) should actually remain in the banks possession might be securitized for refinancing purposes. — Portfolio management might limit new lending to a specific industry in order to avoid risk clusters, but traders might accidentally invest in that industry without being aware of the underlying positions in a securitization deal.

Clear responsibilities and processes which focus on the of the bank as a whole in securitization decisions can help to forestall these difficulties. Therefore, securitization risk management is generally designed in such a way that all potentially affected parties are consulted in the decision to carry out a securitization transaction. This can be implemented in the form of committees or through informal structures. The effort involved will generally be justified by the considerable significance of securitization transactions and the small number of decisions required for this purpose. Such a process ensures that securitization is employed with the greatest possible transparency for the benefit of the overall bank and not merely for the purpose of optimization in response to problems in a specific area.

54 Best Practices in Risk Management for Securitized Products

Securitization transactions cannot generally be carried out without compre- hensive data and know-how availability. Especially when large numbers of receiv- ables are securitized, the computerized storage and processing of data on the portfolio of receivables is critical. The data requirements of rating agencies and investors can substantially exceed the receivables information generally used for risk management in banks. Collecting data which was not originally captured in electronic form, for example in the case of paper-based collateral administration, usually involves a large amount of manual effort. Although this increases the costs of a securitization transaction, it can also enable better esti- mates of the risks in the pool of receivables and thus reduce refinancing costs. The main data required for assessing transactions are internal ratings and histor- ically verifiable default statistics for the purpose of validating those ratings. Therefore, banks should also consider the data requirements for future securi- tization transactions in cases where changes in IT systems are planned. Experi- enced market participants have pointed out that sound data availability is a cru- cial success factor in rapid and cost-effective structuring.

In operational execution as well as risk management, securitization-related risks can only be assessed comprehensively with the appropriate professional know-how. This know-how can be accumulated by hiring specialists or by car- rying out transactions in practice. Training seminars can also be helpful in ensur- ing that the staffs knowledge is up to date in a fast-developing market. Given the widely varied uses of securitization mentioned above, the bank can also investigate means of bundling securitization know-how for efficiency purposes. It will not always be necessary to maintain in-depth know-how for all areas of securitization. The level of knowledge among in-house employees, however, should be sufficient to identify and discuss general securitization issues and risks with external experts and to evaluate the quality of their services. The purpose of this guideline is to contribute to this knowledge.

The availability of sound know-how among employees not only has to be ensured in the structuring stage; a considerable body of knowledge is also required for ongoing monitoring and reporting in transactions which are carried out by the originator. This is a crucial issue in cases where employees with extensive know-how leave the originators organization once structuring is com- plete and structure-specific knowledge is lost (operational risk). Such problems arise especially when the securitization transaction is carried out using external consultants only and the relevant know-how is not accumulated within the orig- inators organization.

5.1.2 Basic Prerequisites for the Investor When investing in securitization deals, the investor also has to meet basic pre- requisites in the two dimensions mentioned at the beginning of this section. However, the additional measures required specifically for securitization are not as extensive as in the case of the originator.

If an investor decides to invest more heavily in securitization deals, it is necessary to ensure the necessary market access. In the case of publicly traded

55 Best Practices in Risk Management for Securitized Products

securitization instruments, this will be fairly easy through exchanges or large investment banks, provided that the investor has the necessary contacts (i.e. large investment banks). In order to be considered for private transactions as well, however, an investor must be in high standing on the market.

Access to buyers is even more important to the investor than access to suppliers, as otherwise the investor will be forced to pursue a buy-and-hold strategy. As term transactions in particular can have very long maturities, the decision to invest in a securitization transaction also generally involves tying up capital for a long period. At present, the secondary markets for securitiza- tion positions are often not sufficiently liquid to enable the immediate sale of positions at reasonable prices. Active trading will therefore only be possible for selected securitization positions.

With regard to integration into bank-wide capital allocation, investors should make their strategic decisions to invest more heavily in securitization positions on the basis of detailed analyses. In light of available capital, a decision has to be made as to its strategic use as well as the share of capital available for invest- ments in securitization transactions. In addition, specific return targets which are appropriate to the level of risk involved should also be defined for such investments.

As regards data and know-how availability, the investor should concentrate in particular on providing the knowledge required to analyze and manage securi- tization positions. As securitization involves a large number of specific details and risks (many of which are presented in this guideline), it will generally not be possible to invest in securitization deals successfully in the long term using external ratings alone or without accumulating the relevant know-how internally.

5.2 Execution Stage Risks which are not (or only partly) taken into account in the execution of a securitization transaction can have negative effects on the performance as well as the legal and regulatory stability of the securitization for both the originator and the investors over the term of the transaction.

For this reason, the originator has to examine and limit as many risks as pos- sible in the structuring process as well as calling in a large number of experts for this purpose. At the same time, the duration of the structuring process should be kept as short as possible for efficiency reasons and should not exceed six to twelve months for an initial transaction.

When making concrete investment decisions, investors and credit enhancers should look at the costs incurred by intensive in-house risk analysis for potential securitization investments in relation to the expected improvement in credit quality assessment indicated by a (possibly) available external rating.

56 Best Practices in Risk Management for Securitized Products

5.2.1 Structuring Stage for the Originator Structuring is usually carried out as a separate project for which the originator must make dedicated capacities available and define clear responsibilities. In this context, the structuring team will include near-capital-market arrangers as well as credit experts from portfolio management. This team should be given as much support as possible from decision makers in the organization. In other areas of the bank which are also relevant to structuring, such as the affected business divisions, IT, accounting, controlling, legal affairs, etc., employees should have at least a basic understanding of securitization. Representatives of these departments should be included in the project team wherever necessary. Project management should be based on a project plan containing detailed time and task schedules. The defined result of this project plan should not only be the placement of the issue with the investors but also the fulfillment of all process- related requirements and data processing demands for the subsequent monitor- ing of the securitization transaction. In detailing the task plans, practitioners should at least investigate the relevant risks presented in this guideline.

The time schedules should be defined starting from a target date and moving backwards in time. The target deadline for implementation of the structure will result from the motivation behind the securitization transaction, for example a point at which the originator must receive the funds for liquidity reasons or at which capital requirements should be reduced. The duration of the structuring stage essentially depends on the complexity of the structure, the availability of the necessary data, the breadth of the investor basis, as well as the securitization experience of the parties involved. In general, it should be possible to complete the structuring stage within a period of three to six months. However, this proc- ess may take far longer in an originators first securitization transaction. Using existing securitization structures or ABCP programs can shorten the structuring stage considerably.

The selection of receivables is especially important in the structuring stage, as the type of receivables chosen will determine the risks involved and affect the complexity and duration of the structuring process. For example, transferring mortgages in the case of mortgage-backed securities will require substantially more time than securitizing unsecured loans. In the process of selecting receiv- ables for securitization, however, the time and effort involved in structuring are not considered as important as achieving the main objective of the securitization transaction in the optimum manner. For example, receivables which have a higher credit rating than the bank itself will be selected in order to create a refi- nancing advantage, or those types of receivables which command the highest prices on the market will be used.

In order to avoid operational risks, it is necessary to define clear criteria for the selection of receivables and to monitor adherence to those criteria. In the case of true-sale securitization, this is generally done during the structuring process before the receivables are sold to the special-purpose vehicle. In syn- thetic transactions, adherence to the criteria is checked if a defined credit event occurs and leads to actual losses for the investors.

57 Best Practices in Risk Management for Securitized Products

The complexity of the structuring stage is also determined by the number of experts to be called in. The more know-how is available within the originators organization, the more efficiently the transaction can be structured. However, small and medium-sized banks in particular will not have structuring experts at their disposal, thus they will have to bring in external consultants with this expert knowledge. The originator will then tend to take on the role of a process manager who merely ensures that the risks relevant to a transaction are addressed without actually having to quantify or limit the risks. It is advisable to make contact with the external organizations involved in a securitization transaction, including rating agencies and regulatory authorities, at an early stage in order to address factually relevant issues quickly and to resolve them within a reasonable period of time.

5.2.2 Specific Investment Decisions for Investors Investors and credit enhancers decide for or against investing in a securitization transaction which is not yet traded on the market according to the same general principles and criteria they apply to other primary market investments. In this context, the question first arises as to whether the investor will perform a separate analysis of the risks associated with a securitization transaction even if an external rating is available for the position. In light of the results presented in chapter 4, it is clear that deriving quantitative risk measures in particular from external ratings still involves considerable uncertainty. These uncertainties might also be inevitable in the investors own risk analyses. For efficiency reasons, the investor is likely to perform such analyses for positions which involve relatively high levels of risk. However, this does not apply to the credit enhancers positions, which are generally not assigned external ratings and therefore always have to undergo risk analysis.

In contrast to other primary market investments, it must be noted that securitization transactions often have secondary markets of only limited liquid- ity, thus making it difficult to correct unwise investments in specific securiti- zation transactions. Accordingly, the decision to invest with a buy-and-hold strategy should be made with great caution, and the transaction should be subjected to stringent ongoing monitoring.

5.3 Ongoing Monitoring and Reporting Once securitization positions have been structured and sold to the investors and credit enhancers, the individual positions have to be integrated into ongoing risk controlling. In this context, characteristics specific to securitization can be found in the treatment of individual positions and on the aggregated level. Orig- inators and investors base internal and external reporting for their positions on risk controlling. Two special issues also arise for the originator: First, retained positions have to be monitored with particular intensity as they are usually sub- ordinated and thus involve high risk. In addition, in its potential role as servicer the originator also assumes responsibility for providing information on the securitized pool of receivables, an activity which is crucial to reporting.

58 Best Practices in Risk Management for Securitized Products

5.3.1 Risk Controlling Like its general counterpart, risk controlling for securitization positions involves risk measurement, monitoring, and control.

In this context, risk controlling for securitization positions always has to be based on the methods and procedures used for bank-wide risk management. If these methods and procedures use volume or utilization limits, for example, VaR-based limits for securitization positions can only be integrated with difficulty. If a bank uses methods of calculating credit equivalent amounts for isolated credit derivatives, they should also be used for derivatives in synthetic securitization transactions. In principle, the treatment of a securitization bond does not differ significantly from the treatment of a corporate bond. This approach ensures that securitization positions in risk management can be inte- grated into the banks overall credit portfolio.

Securitization positions are subject to the usual regulations and processes involved in lending and credit monitoring. This includes application, approval, limit debiting, ongoing and event-triggered monitoring, as well as any necessary escalation, troubled loan restructuring, and processing activities. Due to the specific securitization know-how required, these functions are generally carried out by organizational units set up expressly for this purpose.

However, it is also necessary to ensure a transparent overview of all of the securitization positions associated with a specific transaction (special-purpose vehicle) and held by a single originator or investor. Creating such an overview is similar to the creation of borrower groups. In risk controlling, this will require the corresponding additional processes and report formats.

Risk controlling not only has to capture the risks associated with an individ- ual securitization transaction, but also the correlations between various trans- actions and the bank-wide credit portfolio. When correlations are examined, the focus should be more on the underlying risks than on the originator or spe- cial-purpose vehicle in a securitization position. For example, the correlation of a bond issued in an RMBS securitization will depend more on the regional distribution of real estate and debtors than on the special-purpose vehicles place of incorporation. The lower the granularity in the pool of receivables is, the more this is the case. In the corresponding CDOs and CMBSs, it is therefore necessary to check whether the securitization position should be partly or entirely assigned to the credit lines of underlying debtors for the purpose of risk controlling. In the simplest case, the securitization position is spread evenly across all debtors in the pool of receivables. As an alternative, it is also possible to make assumptions on the possible sequence of borrower defaults in the pool over time, and to assign the securitization position according to the default scenario and the positions level of subordination. In practice, however, this will not generally yield meaningful statements due to the large number of assump- tions it requires.

59 Best Practices in Risk Management for Securitized Products

5.3.2 Reporting In light of the large number of parties involved in a securitization transaction, it is especially important to exchange up-to-date and complete information on the performance and development of securitization positions. In this context, the focus is on the information required by originators and investors for internal and external reporting.

First of all, the originator and investor will need information on the devel- opment of the pool of receivables. This information should be provided peri- odically (usually on a monthly basis) and in response to certain events such as the default of a debtor.

Information on the development of the pool should be distributed by the originator or arranger in the form of an investors report. It is not advisable to have this information supplied by the servicer, as in such cases the servicer has to be informed as to which receivables are securitized. Under these circum- stances, the servicer might deliberately monitor securitized receivables less intensively to the detriment of the investors (agency risk). Therefore, if the originator also handles servicing, it is also necessary to ensure that reporting and servicing are strictly separated in the originators organization.

Additional information is required on the performance of the special-pur- pose vehicle and the overall securitization transaction. If the special-purpose vehicle is incorporated abroad and the management company is also based there, delays and difficulties may arise in conveying the information in a timely and comprehensible manner. In order to prevent this, precise regulations as to the timing and scope of information to be provided should already be defined in the structuring stage.

In the internal reporting processes of the originator and investor, the risk positions resulting from the securitization should be made as transparent as pos- sible. Reporting can be handled as part of an organizations usual risk reporting processes and can use information processing methods from other credit port- folios (e.g. corporate loans, project finance, construction loans, etc.). Where necessary, originators should include an additional section in their risk report to give more detailed information on newly executed and ongoing securitization transactions.

External reporting for securitization positions is carried out in the process of determining regulatory capital requirements and in preparing annual financial statements. The timely availability of information required for this purpose should be ensured in the systems used for securitization risk reporting.

5.3.3 Special Issues for the Originator For the originator, special challenges in risk management arise in reviewing retained positions and monitoring securitized receivables in the servicing process.

60 Best Practices in Risk Management for Securitized Products

Retained positions are generally assumed to involve subordinated claims in the securitization structure and should thus be associated with higher risks. This is especially the case if such positions arise from agreements which enable the risk to be shifted back to the originator in the course of the transaction, for example when defaulted receivables are substituted during the transactions term. In addition, the originator is often forced to retain the first loss piece, as the high risks it involves may imply that it will only command a low price or that it would be impossible to find an investor to acquire it.

Due to the complex structures in a securitization transaction, retained sub- ordinate positions are difficult to compare to other risk-bearing instruments. As a result, these positions need to be monitored intensively in risk management. In this process, it may be helpful to depict the overall structure and especially the underlying pool of receivables in quantitative terms in order to calculate how retained positions are affected by credit events over time promptly and to take the appropriate limitation measures. In general, this can be done with the credit portfolio and cash flow models used in structuring the transaction.

In order to avoid agency risks, risk management for retained positions should ensure that ongoing monitoring is not handled by the same organiza- tional units that accompanied and executed the structuring stage. This is anal- ogous to the usual organizational separation of market/front-office divisions and risk controlling.

The ongoing monitoring of securitized receivables is the most important activ- ity performed during the term of a securitization transaction. In principle, how- ever, there is no distinction between the ongoing monitoring of securitized receivables and that of non-securitized receivables.

Securitization-specific problems may arise when a debtor in the pool of receivables defaults and the receivables and collateral might have to be collected by judicial means. In the case of a true-sale transaction, the receivables are not the property of the servicer (regardless of whether it is the originator or not), meaning that collection services are commissioned on behalf of the special-pur- pose vehicle and not by the servicer on its own behalf. In order to avoid legal difficulties, it may then be necessary to provide for the transfer of receivables (back) to the servicer/originator.

The performance of a securitization transaction depends heavily on the serv- icers success in monitoring and realization activities. If the originator handles servicing and at the same time retains subordinated positions, the originator will be interested in ensuring strong performance in its own interest. This can even prompt the originator to withhold information on incurred losses or to offset them in addition to its retained positions in order to avoid negative effects on the transactions rating. This could be interpreted as implicit support and con- stitutes an operational risk.

61 Best Practices in Risk Management for Securitized Products

If servicing is performed without retained positions, on the other hand, the independent servicer might not necessarily be motivated to achieve a particu- larly high level of success in monitoring and realization. This is especially the case when the originator services the receivables and the employees in charge of servicing are aware of which positions are securitized. In such cases, there is a danger that these positions will be monitored less closely because they are already insured by the securitization transaction. This operational risk also has to be limited.

In both situations, the investors and credit enhancers or their representatives (e.g. trustees) should use clearly defined success measures and service level agreements to ensure that the servicer always performs its duties in the best interest of the securitization transaction. Financial covenants and other means of prescribing and monitoring conduct can also be used to avoid operational risks.

62 Best Practices in Risk Management for Securitized Products

6 Appendix A: Glossary

ABS (strictly defined): ABSs which are generally secured by a pool of trade receivables, leasing receivables, credit card receivables or revolving receivables.

Accrual/deferral risk: The risk that revenues and expenses cannot be allo- cated to the originally planned time periods in accruals and deferrals accounting and that results will thus be shifted to other periods. Accrual/deferral risk also frequently brings about unexpected effects on taxation.

Agency risk: The risk that the agent in a principal/agent relationship will take advantage of discretionary freedoms to the detriment of the principal. In the context of securitization transactions, the principal is generally the investor or special-purpose vehicle, while agents typically include servicers, trustees, and rating agencies.

Allocation risk: The risk that assets, debts, revenues, expenses and services will not be allocated to the parties as anticipated in the tax treatment of a securi- tization transaction. This risk is both spatial and temporal; for example, the spe- cial-purpose vehicle is often incorporated abroad and the temporal distribution of payment flows cannot be determined precisely in advance (e.g. due to pre- payment risk).

Arranger: A party in a securitization transaction who supports the origina- tor by structuring the transaction for a fee (called the structuring fee) and, for example, reviews the credit quality of the pool of receivables as well as the structure of interest and principal payments as an independent third party. Arrangers are also referred to as structurers.

Asset—backed commercial paper program (ABCP program): A form of securitization in which the special-purpose vehicle issues commercial paper. In contrast to term transactions, ABCP programs involve shorter maturities, usually 30 to 360 days. The special-purpose vehicle in ABCP programs, often referred to as the conduit, is set up by the sponsor. ABCP programs are assigned short-term issue ratings by rating agencies.

Asset-backed securities (ABS): Bonds secured by a pool of assets which gen- erates interest and principal payments to be passed on to the investors. The assets pooled may be loans, bonds, trade receivables, etc.

Basket CDS: A basket CDS is a special form of (CDS) in which the credit event that triggers payments is determined by the development of a portfolio of reference receivables. The credit event can be the first default in the pool of receivables or another subsequent failure. In contrast to a syn- thetic securitization transaction, however, these transactions do not usually involve issuing bonds.

63 Best Practices in Risk Management for Securitized Products

Burnout: Burnout describes a state in which the debtors in a pool of receiv- ables do not see incentives to repay debt early (prepayment) even in times of decreasing market interest rates. Burnout can be caused by preceding periods of low market interest rates.

Cash flow modeling: The use of models to describe the rules by which the interest and principal payments from the pool of receivables in a securitization transaction are distributed among the tranches and other creditors after subtrac- tion of administrative costs and fees (waterfall approach).

Cleanup call: The originators right to call outstanding bonds in a securiti- zation deal before the transaction comes to an end. The originator will exercise this privilege for economic reasons.

Collateralized bond obligation (CBO): A special form of ABS which is usu- ally secured by a pool of marketable bonds.

Collateralized debt obligation (CDO): A special form of ABS secured by a pool of general debt instruments. CDOs therefore include collateralized bond obligations (CBOs) and collateralized loan obligations (CLOs).

Collateralized loan obligation (CLO): A special form of ABS secured by a pool of loans.

Commercial mortgage-backed securities (CMBS): A special form of mort- gage-backed securities (MBS) secured by a pool of mortgages on commercially used property (offices, retail spaces, hotels, other real estate used for commer- cial purposes).

Commingling risk: The risk that, if one of the parties to a securitization transaction goes bankrupt, the claims of the investors cannot be distinguished from those of other creditors and therefore cannot be satisfied completely. For example, if the payment flows from a securitization transaction are handled by a bank acting as paying agency, it may not be possible to distinguish financial funds related to the securitization transaction from other funds held by the pay- ing agency. The bankruptcy administrator could then use those funds to satisfy the claims of creditors in general without being obligated to pass the funds on to the investors.

Conduit: A specific form of special-purpose vehicle used in securitization transactions, for example in asset-backed commercial paper programs.

Consolidation risk: The risk that a special-purpose vehicle will have to be consolidated on the originators balance sheet, thus partly or entirely undermin- ing the risk transfer intended in the securitization transaction. Consolidation can bring about a situation in which the intended reduction in capital require- ments in a securitization deal is not or only partially attained, or — in cases

64 Best Practices in Risk Management for Securitized Products

where the originator files for bankruptcy — the receivables might be considered part of the originators estate and not allocated directly to the investors.

Consultation Paper 3 (CP3): Published by the Basel Committee on Banking Supervision at the Bank for International Settlements (BIS), Consultation Paper 3 describes the new framework for regulatory capital requirements (Interna- tional Convergence of Capital Measurement and Capital Standards — A Revised Framework, Basel II).

Contingent perfection: A special means of transferring collateral (usually mortgages) to the special-purpose vehicle in which the transfer does not take place until the debtors credit standing deteriorates to a defined level.

Credit default swap (CDS): A credit default swap is a contract in which the seller undertakes to pay the buyer a certain compensation amount if a specified credit event occurs. The seller receives a premium in exchange.

Credit derivative: A bilateral financial contract which makes it possible to isolate credit risk from the other risks (especially market risk) associated with a financial instrument and to pass this risk on to a counterparty without having to transfer ownership of the instrument itself. In synthetic securitization trans- actions, credit default swaps (CDSs) and credit-linked notes (CLNs) are the most commonly used forms of .

Credit enhancement: Credit enhancements generally refer to credit protec- tion instruments which mitigate the credit risk (in a pool of receivables) to be transferred to the investors. Credit enhancements are generally provided within the pool of receivables, by the originator, or by external third parties for indi- vidual tranches of a securitization transaction.

Credit enhancement level The amount of credit enhancement available to secure a certain tranche in a securitization transaction. Rating agencies pre- scribe minimum amounts in order for a tranche to receive a specific target rat- ing. A tranches degree of subordination is also taken into account when deter- mining its credit enhancement level.

Credit enhancer: A party who provides external credit enhancements in a securitization transaction. Credit enhancers differ from investors in that they do not actually invest in securitization tranches.

Credit-linked note (CLN): Debentures which are issued by a protection buyer and only redeemed in full at term if a defined credit event has not occur- red. Otherwise, CLNs are repaid in part within a defined period after the deduction of a compensation amount. In this respect, a CLN combines the fea- tures of a bond and a credit default swap (CDS). In contrast to CDSs, however, CLNs require the protection seller to pay the amount of the bond in advance.

65 Best Practices in Risk Management for Securitized Products

Debtor: A physical person or legal entity against whom the originator has a claim, for example in the form of a loan. Also referred to as an obligor. Securitization makes it possible to transfer the risk that a debtor will not be able to repay the claim on time or at all (i.e. credit risk) to investors and credit enhancers.

Diversity score: The number of idealized, uncorrelated receivables which depict the default behavior of a defined pool of receivables. The rating agency Moodys uses this score as a key measure for modeling credit risk in a pool of receivables.

Early amortization: The early redemption of bonds issued in a securitization transaction if certain events defined in the prospectus occur, for example increased prepayment rates, violations of guarantees, changes in legal and reg- ulatory circumstances, etc.

Excess spread:spread The difference between incoming interest paid on the receiv- ables in the pool to the special-purpose vehicle and the interest to be paid on the bonds issued plus the fees incurred. Excess spread can be used as an internal credit enhancement to mitigate credit risk.

Expected loss: The loss to be expected over the period of a receivable. Expected loss is calculated by multiplying the probability of default (PD) by the loss given default (LGD) and the exposure at default (EAD). This figure is an important measure in the quantification of credit risk. Expected loss can be calculated statistically as the expected value of the loss distribution.

Exposure at default (EAD): The amount of the receivable at the time when a debtor defaults. EAD is one of the key values used in determining the expected loss for receivables.

Financial covenants: Agreements which obligate a party to perform duties in a certain way or to adhere to certain requirements. Financial covenants are frequently used to limit operational risks in securitization transactions.

First-loss piece (FLP): The position in a securitization structure which bears the first losses in the pool of receivables (first default position); this position is often held by the originator itself.

Investors: Securitization investors purchase bonds or assume only the credit risks which are transferred by means of the various tranches in a securitization transaction. Along with the special-purpose vehicle, the originator and the servicer, investors are among the main parties involved in a securitization trans- action. Investors have to be distinguished from credit enhancers, who provide credit enhancements for some or all tranches but do not purchase them them- selves.

66 Best Practices in Risk Management for Securitized Products

Issue and issuer ratings: Ratings for securitization transactions are generally not based on the credit standing of an individual borrower or economic unit (issuer ratings), but on the specific credit quality of the bonds issued in a securi- tization transaction (issue rating).

Issuing syndicate: A group of several banks which initially takes the bonds issued by a special-purpose vehicle onto its own books for a fee (the issuing fee) in order to place them on the capital market or with private investors; the syndicate thus usually bears the placement risk for the issue.

Kreditanstalt fufur‹r Wiederaufbau (Reconstruction Loan ; KfW): A development bank which focuses on the German economy and is headquar- tered in Frankfurt am Main. KfW offers originators standardized programs for the synthetic securitization of loans to medium-sized enterprises (PROMISE) or private residential mortgage loans (PROVIDE).

Legal opinions: Binding statements from attorneys offices confirming that specific legal problems cannot arise within a concrete securitization structure or that arrangements have been made to avoid such problems. This also means that the attorneys are required to assume some legal risks.

Limited liability partnership (LLP): A legal form of business organization under English law which is generally chosen for special-purpose vehicles in securitization transactions due to its bankruptcy stability.

Liquidity facility: A facility used to ensure solvency in a securitization trans- action. Liquidity facilities are often required in asset-backed commercial paper programs in order to bridge short-term payment disruptions between redemp- tions and new issues of commercial paper.

Loss given default (LGD): The default rate which quantifies the loss incur- red relative to the amount receivable if a debtor defaults. The difference between the amount receivable and the loss given default is also referred to as the repayment rate. LGD is one of the key values used in determining the expected loss for receivables.

Mortgage-backed securities (MBS): A special form of ABS secured by a pool of mortgages. MBSs therefore include residential mortgage-backed securities (RMBSs) and commercial mortgage-backed securities (CMBS).

Multi-seller structure: A special form of securitization in which the receiv- ables of more than one originator are securitized. This makes it possible to securitize smaller portfolios, for example those of smaller banks or companies. For example, asset—backed commercial paper programs can be set up as multi- seller structures.

No-petition agreement: An agreement stipulating that only the investors and not the other parties involved in a securitization transaction can effect

67 Best Practices in Risk Management for Securitized Products

the bankruptcy of the special-purpose vehicle during the term of the transac- tion. Like no-recourse clauses, these agreements ensure the bankruptcy stability of the special-purpose vehicle.

No-recourse clause: An agreement in which all of the special-purpose vehi- cles contract partners waive their right to sue for claims until after the trans- action is completed. Like no-petition agreements, these agreements ensure the bankruptcy stability of the special-purpose vehicle.

Originator: In its ongoing business operations, the originator generates assets which form the pool of receivables to be securitized. Along with the spe- cial-purpose vehicle, the investors and the servicer, the originator is among the main parties involved in a securitization transaction.

Overcollateralization: Overcollateralization means that the portfolio trans- ferred to the special-purpose vehicle has a higher nominal value than that of the bonds issued to the investors. The additional interest and principal repayment revenues can then be used as an internal credit enhancement to mitigate credit risk.

Pass-through structure: A form of securitization in which the interest and principal payments from the pool of receivables are passed on to the investors directly and without active timing management.

Paying agency: A party involved in a securitization transaction who assumes responsibility for managing the payment flows collected by the servicer and for passing the funds on to the investors. In pay-through securitization transactions, the paying agency also handles the task of managing payment flows actively according to the relevant agreements.

Pay-through structure: A form of securitization in which the payment flows arising from the pool of receivables are managed actively over time and then passed on to the investors. This can help reduce liquidity risk substantially. The most common forms of pay-through structures are pro rata payment, sequential payment, planned amortization and targeted amortization.

Pfandbrief: A debt instrument generally secured by mortgages. In contrast to MBSs, however, these receivables are not isolated from the originator, nor do they involve various tranches.

Placement risk: The risk that an insufficient number of investors will be found for the risks or bonds transferred in a securitization transaction. In such cases, the originator may have to retain positions unexpectedly and will there- fore only partly achieve the objectives of risk transfer and refinancing in the transaction.

Planned amortization: An agreement in pay-through structures stipulating that the redemption of the bonds issued in the securitization transaction is inde-

68 Best Practices in Risk Management for Securitized Products

pendent of the actual payment flows from the pool of receivables within certain limits. This means that prepayment risk is only passed on to investors when it exceeds a defined level.

Pool of receivables: A large number of accounts receivable for which the credit risks — and in some cases the refinancing — are assumed by investors instead of the originator of the claims.

Preference risk: The risk that, if the originator goes bankrupt, other cred- itors claims will lead to disputes against the transfer of the receivables, for example if the securitization transaction was detrimental to the interests of bankruptcy creditors.

Prepayment risk: The risk that debtors will exercise their right to the early repayment of claims. The early repayment of securitized receivables reduces the special-purpose vehicles incoming interest payments, which may then be insuf- ficient for servicing the investors claims. Prepayment risk can be mitigated by pay-through structures and early amortization agreements.

Pro rata payment: An agreement in pay-through structures stipulating that incoming principal repayments are to be spread across the various tranches on a pro rata basis.

Probability of default (PD): The probability that a debtor will not (or only partly) repay a claim against him. PD is one of the key values used in determin- ing the expected loss for receivables.

Realization risk: The risk that realization proceeds from receivables and col- lateral will only be available to the special-purpose vehicle and the investors in part or with a delay if the originator or a debtor goes bankrupt. This might be the case, for example, if the bankruptcy administrator withholds fees or com- pulsory auction procedures are delayed.

Reclassification risk: The risk that the removal of receivables from the bal- ance sheet will not be recognized under commercial law but interpreted as a loan granted to the originator by the special-purpose vehicle and secured by the receivables. Recognition of this removal is usually associated with the full transfer of economic risks.

Recognition risk: The risk that indirectly involved parties will not recognize a securitization transaction in the way intended by the originator, for example in the calculation of capital requirements by a regulatory authority.

Residential mortgage-backed securities (RMBS): A special form of mort- gage-backed securities (MBSs) secured by a pool of mortgages on privately used property (e.g. on private apartments and houses).

69 Best Practices in Risk Management for Securitized Products

Risk of repudiation: The risk that, if the originator goes bankrupt, the trans- fer of receivables and collateral (as well as the resulting payments) from the originator to the special-purpose vehicle will be disputed by the originators bankruptcy administrator. ABS/ABCP investors would then only receive inter- est and principal payments to a limited extent or at a later time than expected.

Securitization: In this guideline, securitization is defined as a structure which transfers credit risks from a defined pool of receivables to investors and credit enhancers in the form of at least two risk positions which are assigned different levels of priority.

Sequential payment: An agreement in pay-through structures stipulating that incoming principal repayments are to be used to repay senior tranches first and then to repay subordinated tranches.

Servicer: A party involved in a securitization transaction who handles administration, monitoring, and the collection and realization of securitized receivables and collateral (servicing). Servicing is generally handled by the orig- inator but can also be outsourced to third parties. Along with the special-pur- pose vehicle, the investors and the originator, the servicer is among the main parties involved in a securitization transaction.

Setoff risk: The risk that, if the originator goes bankrupt, the recognition of offsetting positions by the bankruptcy administrator will lead to a decrease in the amount receivable. An offsetting position might arise, for example, if the debtor holds savings deposits with a bank as well as a residential construction loan.

Single-seller structure: A form of securitization transaction in which the underlying receivables are generated by only one originator.

Special-purpose vehicle (SPV): The company that takes over the assets and risks transferred in a securitization transaction and passes them on to the invest- ors, for example by issuing bonds or credit derivatives. Using an SPV ensures that the investors will continue to receive their payments on time and in their entirety even in cases where the originator goes bankrupt.

Sponsor: The party in a securitization transaction who assumes responsibil- ity for setting up the special-purpose vehicle (SPV). The sponsors of asset- backed commercial paper programs usually also provide the liquidity facilities necessary for these programs.

Stress scenario: In cash flow modeling, the robustness of credit quality esti- mates for the various tranches is tested against extreme scenarios such as very high prepayment rates, extremely high defaults in the pool of receivables, etc. The tranches have to pass these stress tests in order to receive a favorable rating from the agencies.

70 Best Practices in Risk Management for Securitized Products

Synthetic securitization: A form of securitization using credit derivatives in which only the credit risks from the pool of receivables are transferred to the special-purpose vehicle, after which the risks are passed on to investors; the originator retains ownership of the receivables.

Targeted amortization: An agreement in pay-through structures stipulating that the redemption of the bonds issued in the securitization transaction will depend on the actual payment flows from the pool of receivables. This transfers prepayment risk directly to the investors.

Term transaction: A form of securitization in which the special-purpose vehicle issues bonds with longer maturities, usually at least two years. As an alternative to term transactions, it is also possible to issue asset-backed com- mercial paper (ABCP) in a securitization transaction. Term transactions are assigned long-term issue ratings by rating agencies.

Tranche: A securitization position which is assigned a defined part of the credit risk in the pool of receivables and whose claims can be senior or subor- dinate to those of other tranches. Securitization transactions generally have at least two different tranches.

Tranche size: The relative share of a tranche in relation to the size of the securitized pool of receivables.

True-sale securitization: A form of securitization in which ownership of the receivables and collateral is transferred — along with all of the risks involved — to the special-purpose vehicle, for example by assignment or sale. In contrast to a synthetic securitization transaction, a true-sale securitization transaction will always provide the originator with a source of funding.

Trustee: A party in a securitization transaction who monitors the proper execution of the transaction as well as the business activities of the special-pur- pose vehicle and servicer on behalf of the investors. The trustee might also func- tion as the paying agency between the investors and the servicer.

Unexpected loss: The difference between the actually incurred loss and the expected loss. This figure is an important measure in the quantification of credit risk. For a predefined confidence level, unexpected loss can be calculated stat- istically as the difference between the specific loss related to the respective quantile and the mean of the loss distribution.

Value-added tax risk: The risk that a securitization will not be treated as planned under value-added tax regulations due to uncertainties in the interpre- tation and application of the law. For value-added tax treatment, it is necessary to define precisely which services are provided by the parties involved, whether they are generally subject to value-added tax and how the assessment base is to be calculated.

71 Best Practices in Risk Management for Securitized Products

7 Appendix B: Regulatory Discussion

See current supplement.

72

Top View